search

MetaMask / metamask-extension

:globe_with_meridians: :electric_plug: The MetaMask browser extension enables browsing Ethereum blockchain enabled websites
https://metamask.io
Other
11.98k stars 4.9k forks source link

Scam tokens created by 0xF24246e0d5399eA85dbdaDcfdBc9E8F14490dB58 #3520

Closed DaveAppleton closed 6 years ago

DaveAppleton commented 6 years ago

This address has created fake tokens and put them onto E/D

address/symbol

0x3e2b9f6b67fc972419af5e9818281b745a6bf83b CLN
0x8dc2c980d25b586c5c110ec3c477e985b9acad8b CS
0xd6f8668e96951e4108a79bc45ccef022544c73b3 GEM
0xe06ae5c5ab3eda3a62918bf86532c7d87dbbc66d REM
0x4a500bf6818ba31bb2b1dc90a354ab64ad3301dd ZCHN
0xf2601c5a063c6a6ca86d8b6bd0543158f83a10ce LIF
0x0dc04198cd942b55a7d63f5c3891122b6fa277ea MFG
0x07faacbe52a8b5d3d22f49206bdd9d9c1f71991d THRT
0xa0db4acb24e92167341320fcd882bbfb641cd12d FND
0xac9093198de62e5289163e85bacb53ead596b9f3 EBC
0x5ba53eb789c7f017fe3cd8027fb01c5eeb81f697 EXC
0x116574a18659f0063150e0064e4ea00349a1492c GBX
0xc4dca8f7d121ad79057a8382fc9fa9898727ddd8 FSN
0x68d41d0c11bf5536d6d8c186ccfaf3de1a022d67 CPY
0x65af8c81291fb60a20235d9e4de80851f8f845d2 DTH
0x57d4e4ea0a207074d7e45fe60c939d2f4d3ed06b INSTAR
0xc315f677f6a8f7b42d8fb32500e790cbf3dfbce8 RKT
0x07a065bbc565002740caccb22b452fdd029ba988 RFR
0xfd477bf560e59941796b398cea662b393298abc0 TOM
0x39a7c26ada0e575d69f05dd6b8086f0ddd99e207 CRNT
0x1ccd65d573057c388ea96cc8be30c18a6d21185d DTX
0x1a2c53d132ff8a6e26f6b32c0abdc179b94f0721 RFR
0xe02f2921742a6eec7ae44a18b1cca4277874bc74 ABT
0x7e160f5cf87e44cbe6b1337bb883f453445391de REN
0xd9204db19a18e051e861576a462c0cf83a2b6237 BEE
0x0b1f025593acd090a6c9b754e6e46acf88e89646 FXT
0xa62b5f23f4b3ddc20f879c3ff58d4b1ef2952d97 MTN
0x1982b0e96a0375e5b570e8e466d423a37af34b43 WPR
0x1d82886f997d0b124dfab342558bc463299c8a6b ING
0xdef05b512d405f4fb930e252c6c11f054832c93b WIZ
0xe6d3486a5fe2742e313a3266af8ff4f43e597d27 CPX
0x99f93d05059f074e893ab369f71adb4569a3da12 ELA
0x303f41f4e6a1e1fc9cc2738c722b73b3d9fe54cb OCN
0xcff5e190a3d92e480a8bc5b414362c0d1afeb54e STQ
0x8676f2dfd06ec780ea3f8fba65a29110a56dd830 HADE
0xe1358ae1a9130bc458c8021fcbb7ef8aedd51487 AMLT
0x955427a36b5c92edee90a1448bfc7e854e9caef5 DADI
0xe9ee84b3b818b2af67c4536248fbfc5c7a0ccfad EDU
0xe6c51d563f92a23dee9a7093bb1be33bd35c05d8 SHP
0x956729a9e9b2ff42a30c8bd8fbe380b2c714825b nCash
0x788431a9fed9fae11871353cd6e92f3b724e7d63 EXY
0xa6ba0996684fcff6167128a13c8b0a1648310e6e CPC
0xe1632e7e0dc135f3bc8991b917e8b682ab340fe1 MWAT
0xa05554fa940043c7ba191b16cbbe404c3f898f48 XNK
0xd84af8766bd29b988f3426cc48cac5a6646f1f90 PXS
0xc616d99df3bf92e3111090f94694bd662b72ab1d FOTA
0xa490730ce2a97ec9f81f08fdb0eede36d6319bbd DTA
0x702d965332e3082dc976c3b4013cfe0e2c540bcb BLZ
0x371850498d1bd60d67110d1d046ffabc10f957ec EVE
0x02f4a464eebb46a50dd087074d7a2cf3f5a3598b MOBI
0xdf04e5007cb8fd65831310ceda40f5642c1b39c3 ZPT
0x9beb086842a6c61ad929995f7060e3ee2c4a94ce TRAC
0x5e6dcab4f8edbfc1537b804803d831e5f42d8f3b MAN
0x703f0116bf2ef4c80efac751a319f097fd2dfe6c EVN
0x3d11b2189ad65e0e91e2f2b0e07cbc05ddc75b7a WAN
0xcec962222291e09a07c0bd0a110d2211e0358b28 LST
0x069a6761e9897ced3f5d13f4aa9ad745e526c913 DOCK
0x38c36d3faab64c0770af26cc6ee95d91312bc53c BAX
0x66e88b42922916d01b9aec71dd334d7fa5fb526d TFOOD
0xda917961872ae8e0c8b96f6925a4d7cc7b27aea3 hmmmm
0x39ac3008be15cd3e3f23786faa0550c3e0b92ff2 hmmmm
0x12736c6b02381c3c50e41db3a69d7bb651a77d57 TMC
0x581cc257051a34972641d008c3915a75771be274 MAD
0x4566b8b849dcdbe04f64bf1909db313cf60d6e41 BERRY
0x3884eb0ae2a04bce65b5b0ca9c1bd069cbd52c66 BNK
0xf245e09a1b42f847b120558f0c6e08f821be23f7 CGcoin
0xd06f80a4b932d7247aba4a85decce6c2458c0654 IGNT
0x0bdd81d2a676166f2a28691e8af64ebeeca67fae FTX
0xd22167d083a5cfc2f1ccadeb842a8093b2174c5f IAM
0xc593e92ed9fd3c2f9db972860047affd2df83ae7 ADH
0x09cc69f6b484cada8e152d2002adfca496d723f3 HERO
0x47dc6f08214f891cc910d6d2abfb504c2584f14f NPX
0x1c0dffa23f342a62ace37bd4eede6180c40ccbec LYM
0xd72ebdf278c092d9cdaa12c58f8bd9438f96b83e Havven
0xe824ec0f8384600f3187967f8b098014e31892f2 HT
0xe9ab68e4aa12bf290529626e5f32725cf5abfba8 BANC
0xd354cf84a4cfd096120e2d4bf0a0cc8866d4efe1 DEB
0x1dea82c5628ae89572a153a556312832ee33fda9 ELEC
0xe051ee9bd6270ff52d85ffe09685ee3a9755f04a PAL
0xcee9ee01d48050415f1b104277bd493c5dbe645e ZCO
0xbf0c85867fcdd4064d22b0dfd91561a52134e035 IPSX
0xf689bb4b063683a9ffd7a9295106f1e47c095809 J8T
0x0f7a4c36b5ee28e581504e8dfa62fa83a11ca7a9 VIEW
0xf1014a29614b196d19d8ecd5ff05f3cef5efdbe2 NCT
0x0d87ca679a7ab95598b34eb54dafc356b0373388 KWATT
0xdc3fd5cce7b17e461c692ff34f22fbd4b780b151 DRG
0xb1f873cb2cd0c818ce8b0a7d971f062808a47425 SMT
0x7b3a132ad35b6138f2dd148bfac2e790e4869723 VLD
0x6973c24fadd0bcab33ee5cb325c8a70e81c67c20 SENC
0x15847dcd428033c2cc2cb70edf2cbd6c84afc146 FDZ
0x4411db7be552b487e3681e890ed14de9a9b24f7b NRV
0xa5b254aea2e59ab3ce3bec470fe1882403c41be0 CAPP
0xccffdb4bd0abb6fd105c1c4e03b4e919a5b57ab9 FACE
0x31537238bb5b237254b629bf226b566c617f182b STC
0xddff022e4befa69cbb5262446a8ae564700bea24 MESH
0xe6b39dad6d7a50b233da23e510697422e9d6351a CARD
0xe9e837881c89e943c4c66e26031922bf8fc3f4f3 BTC
0x3f4d77cdabf58f5bfd2ef20784cafd58334542f8 ETH
0xcd63bb3586e871611cc60befcadf8e56bc7aeea3 XRP
0x3ad44a16451d65d97394ac793b0a2d90c8530499 BCH
0x6678bb2a94097f5046ff179a9dcec5be0985745b LTC
0xc14777c94229582e5758c5a79b83dde876b9be98 ADA
0x5f6ab160206bc6a5d663ca5d0f237d82c572272b NEO
0xff35866acb80ce4b169d1460cd48108955c1c445 XLM
0x45750cd6a3bb2206dbeb9cba5e68bf909ac945e3 XMR
0xc36454ed2b40adef7c75b9cef95b2f8010d3e0d2 EOS
0xde5886e65cbf1a9d21267f5ef7d5ed444cc63938 EOS
0x1c0e294310091654beac3d191089d3c376be123f VERI
0xd2f4ea2f9d4c627c957305e28877081da9296d47 PPP
0x91ef0754d270e67f2ca92595f5a1c0459ec7df89 PPT
0x82334551e71b48387a122ebb256b188bf5868f44 ARTIS
0x1d64ea27764164debb4e891eb04d524f42904b08 DENT
0x495a8b1fdba38d726e514e95b4f1657c69fefa0a KIN
0x175e0d5f3757b066a6f0cf7634b45f3085cb490b PLR
0x93aebe50a59dfd4c1f7ed56f5177c6ced54a33af ERC20
0x18e81898ac31a43850fb8d0224477349de6d8d9a EDT
DaveAppleton commented 6 years ago

@danfinlay - do you have a block To: address ?

tmashuang commented 6 years ago

We do not have a blacklist for addresses, we only have the blacklist phishing sites. A proposal to blacklist Etherdelta is not a likely one and would require deliberation. You can propose this here: https://github.com/MetaMask/eth-phishing-detect/issues/new. For now I believe notifying EtherDelta and its users would be the first step in preventing transactions to scam tokens. You can post your findings on EtherDelta's main Gitter channel. https://gitter.im/etherdelta/etherdelta.github.io

tmashuang commented 6 years ago

Proposal: Add blacklist for addresses/contracts.

DaveAppleton commented 6 years ago

Thanks.

danfinlay commented 6 years ago

@DaveAppleton

When trading on EtherDelta, you're sending TXs to EtherDelta, not any of these contract addresses, so blocking them won't stop people from buying them on EtherDelta, we would have to also add a custom EtherDelta transaction parser to block these purchases.

Why, I might ask, should we be responsible for keeping their users safer than they are willing to? They're the ones earning fees with every transaction, if they aren't willing to budge for security, people should seriously ask if they should be using it at all.

I've retweeted your warning from MetaMask's twitter, but ultimately I just think people need to stop using sites that don't have their security in mind. People can add tokens to EtherDelta forever, and if we (at MetaMask) try to blacklist all of them, we're going to put a huge strain on ourselves and our software, all in service of one exchange that has proven itself to stick with a variety of insecure practices (Continuing to use eth.sign for signatures, supporting private keys stored in the page, and allowing anyone to add duplicate tokens).

DaveAppleton commented 6 years ago

Fair comment.