Industry-leading blockchain security firm shares a list of potentially dangerous tokens
- Token list
- How can scammers steal users’ funds?
Industry-leading blockchain security firm PeckShield has released a list of potentially dangerous tokens for Binance SmartChain investors. According to blockchain security experts, the mentioned tokens have numerous vulnerabilities that might affect investors’ funds.
Tokens from the list were chosen based on the vulnerabilities they had, including the ability to mint an unlimited number of tokens, the ability to blacklist any accounts on the token’s chain and restricting exchange operations like selling.
#Scam PeckShield has detected 50+ tokens with rug-potentials. The community may want to be aware before interacting:
· Admin can mint unlimited tokens
· Admin can restrict token selling
· Admin can blacklist any account@bsc_daily #BSC Here is the list:https://t.co/6mBp2HX6Hm pic.twitter.com/fYJAMAPs7H
— PeckShieldAlert (@PeckShieldAlert) January 13, 2022
Some tokens from the list mimic the stocks of widely known companies like Amazon or are named after public figures like the 45th president of the United States. Some projects have decided to join the increasing popularity of Doge-themed tokens like Floki with two contracts in the list functioning under the “Floki brand.”
How can scammers steal users’ funds?
With the further development of the DeFi industry, scammers have started to use the carelessness of some users to steal their tokens or coins by changing various pieces of code in standard—at first glance—smart contracts that allow them to gain access to wallets, transactions or everything at the same time.
As PeckShield notes, one of the most popular ways of stealing funds is a piece of code that allowed developers to mint an indefinite number of tokens. By executing a command from a genesis address, developers release and send themselves a large number of tokens and then sell them on decentralized exchanges.
Two other options mentioned by the security firm like the token selling restriction and blacklisting cannot be directly used to steal someone’s funds, but at the same time, they might affect users’ experience with the token, especially those who own a large number of tokens and are willing to take profits on the market.