The Forta Network team has raised the alarm about a new version of the Sleepdrop scam. This version of the scam uses NFTs and a verified contract to trick users into thinking they are dealing with a legitimate airdrop.
Forta Network is a California-based security and operational monitoring network for wallets, developers and investors. Lido is one of the users. The Forta community discovered the scam when a new NFT was transferred from Lido to one of Forta’s multisig wallets.
A new kind of SleepDrop scam
After Lido confirmed it was not the source of the NFT, the Forta community studied it and found it to be a scam.
The scam consists of several steps. First, the scammer creates an ERC-1155 (NFT collection) posing as a legitimate team. Then the scammer transfers most of these counterfeit assets into a legitimate contract that has previously been airdropped.
Then the scammer activates the airdrop feature of the contract to distribute the NFTs to multiple addresses. To trick recipients, the description of the NFT has a phishing URL embedded in it.
Learn how to stay safe in the world of Web3: 15 most common crypto scams to watch out for
The main difference between a traditional drag drop and this scam is that the scam is offering an NFT as a fake reward. This makes it appear more authentic than an ERC-20 token with a URL.
The scammer’s contract is verified, but it delegates the execution logic to another unverified contract. This can trick targets into thinking they are interacting with a verified contract. In reality, the critical execution logic lies within an unauthenticated contract, making them vulnerable.
Source: Chainalysis
No interaction with unknown tokens
Speaking to BeInCrypto, Christian Seifert, a researcher at Forta Network, offered some tips for staying safe.
“Do not interact with a token you receive randomly. Even if it seems like the sender is a legitimate team,” Seifert said.
“Analyze the contract you are communicating with: who is the deployer or how long has it been live. Check out the legitimate team’s official social media as they may have flagged the scam,” he added.
However, the source emphasized that in the case of this Sleepdrop scam, the company’s social media may have been compromised as well.
BeInCrypto covered the original Sleepdrop scam when it first came to the attention of the Forta community. That scam works by mimicking the appearance of a real token through a technique similar to NFTs “sleepminting”.
The scammers have so far faked tokens from Uniswap, Chainlink, Lido, Circle and others.
