Saved in:
Bibliographic Details
Main Authors: Muzammil, Muhammad, Wu, Zhengyu, Harisha, Lalith, Kondracki, Brian, Nikiforakis, Nick
Format: Preprint
Published: 2024
Subjects:
Online Access:https://arxiv.org/abs/2411.00352
Tags: Add Tag
No Tags, Be the first to tag this record!
_version_ 1866917825505918976
author Muzammil, Muhammad
Wu, Zhengyu
Harisha, Lalith
Kondracki, Brian
Nikiforakis, Nick
author_facet Muzammil, Muhammad
Wu, Zhengyu
Harisha, Lalith
Kondracki, Brian
Nikiforakis, Nick
contents A Blockchain Name System (BNS) simplifies the process of sending cryptocurrencies by replacing complex cryptographic recipient addresses with human-readable names, making the transactions more convenient. Unfortunately, these names can be susceptible to typosquatting attacks, where attackers can take advantage of user typos by registering typographically similar BNS names. Unsuspecting users may accidentally mistype or misinterpret the intended name, resulting in an irreversible transfer of funds to an attacker's address instead of the intended recipient. In this work, we present the first large-scale, intra-BNS typosquatting study. To understand the prevalence of typosquatting within BNSs, we study three different services (Ethereum Name Service, Unstoppable Domains, and ADAHandles) spanning three blockchains (Ethereum, Polygon, and Cardano), collecting a total of 4.9M BNS names and 200M transactions-the largest dataset for BNSs to date. We describe the challenges involved in conducting name-squatting studies on these alternative naming systems, and then perform an in-depth quantitative analysis of our dataset. We find that typosquatters are indeed active on BNSs, registering more malicious domains with each passing year. Our analysis reveals that users have sent thousands of transactions to squatters and that squatters target both globally popular BNS domain names as well as the domains owned by popular Twitter/X users. Lastly, we document the complete lack of defenses against typosquatting in custodial and non-custodial wallets and propose straightforward countermeasures that can protect users without relying on third-party services.
format Preprint
id arxiv_https___arxiv_org_abs_2411_00352
institution arXiv
publishDate 2024
record_format arxiv
spellingShingle Typosquatting 3.0: Characterizing Squatting in Blockchain Naming Systems
Muzammil, Muhammad
Wu, Zhengyu
Harisha, Lalith
Kondracki, Brian
Nikiforakis, Nick
Cryptography and Security
A Blockchain Name System (BNS) simplifies the process of sending cryptocurrencies by replacing complex cryptographic recipient addresses with human-readable names, making the transactions more convenient. Unfortunately, these names can be susceptible to typosquatting attacks, where attackers can take advantage of user typos by registering typographically similar BNS names. Unsuspecting users may accidentally mistype or misinterpret the intended name, resulting in an irreversible transfer of funds to an attacker's address instead of the intended recipient. In this work, we present the first large-scale, intra-BNS typosquatting study. To understand the prevalence of typosquatting within BNSs, we study three different services (Ethereum Name Service, Unstoppable Domains, and ADAHandles) spanning three blockchains (Ethereum, Polygon, and Cardano), collecting a total of 4.9M BNS names and 200M transactions-the largest dataset for BNSs to date. We describe the challenges involved in conducting name-squatting studies on these alternative naming systems, and then perform an in-depth quantitative analysis of our dataset. We find that typosquatters are indeed active on BNSs, registering more malicious domains with each passing year. Our analysis reveals that users have sent thousands of transactions to squatters and that squatters target both globally popular BNS domain names as well as the domains owned by popular Twitter/X users. Lastly, we document the complete lack of defenses against typosquatting in custodial and non-custodial wallets and propose straightforward countermeasures that can protect users without relying on third-party services.
title Typosquatting 3.0: Characterizing Squatting in Blockchain Naming Systems
topic Cryptography and Security
url https://arxiv.org/abs/2411.00352