The team at Forta Network has sounded the alarm about a new version of the Sleepdrop scam. This version of the scam uses NFTs and a verified contract to mislead users into thinking they’re interacting with a legitimate airdrop.
Forta Network is a California-based security and operational monitoring network for wallets, developers, and investors. Lido is one of its users. The Forta community discovered the scam when a new NFT from Lido was transferred into one of Forta’s multisig wallets.
A New Kind of SleepDrop Scam
After Lido confirmed that it was not the source of the NFT, the Forta community studied it and discovered it was a scam.
The scam involves several steps. First, the scammer creates an ERC-1155 (NFT collection) that impersonates a legitimate team. Next, the scammer transfers most of these counterfeit assets to a legitimate contract that previously conducted an airdrop.
Then, the scammer triggers the airdrop function of the contract to distribute the NFTs to multiple addresses. To deceive recipients, the description of the NFT includes a phishing URL embedded within it.
Learn how to stay safe in the world of Web3: 15 Most Common Crypto Scams To Look Out For
The main difference between a traditional sleepdrop and this scam is that the scam offers an NFT as a fake reward. This makes it seem more authentic than an ERC-20 token that includes a URL.
The scammer’s contract is verified, but it delegates the execution logic to another unverified contract. This can deceive targets into thinking they are interacting with a verified contract. In reality, the critical execution logic lies within an unverified contract, leaving them vulnerable.
Source: Chainalysis
Do Not Interact With Unknown Tokens
In a discussion with BeInCrypto, Christian Seifert, a researcher at Forta Network, offered some tips to stay safe.
“Do not interact with any token that you randomly receive. Even if it looks like the sender is a legitimate team,” Seifert said.
“Analyze the contract you are interacting with: who is the deployer or how long it’s been live. Review the official social media of the legit team as they may have flagged the scam,” he added.
However, the source did stress that in the event of this Sleepdrop scam, the company’s social media may also have been compromised.
BeInCrypto covered the original Sleepdrop scam when it first came to the attention of the Forta community. That scam operates by imitating the appearance of a genuine token through a technique similar to “sleepminting” of NFTs.
The scammers have so far impersonated tokens from Uniswap, Chainlink, Lido, Circle, and others.