Gas tokens, wallet security warns against interacting with strange tokens amid Multichain exploit delirium

Gas tokens have become the new loophole that hackers exploit to steal money from unsuspecting token holders. The discovery aligns with the recent attack on cross-chain router Multichain.org which saw the threat actors make away with upwards of $130 million in user-supplied tokens.

Also Read:  Fantom trading volume falls 20% as Multichain hackers leverage FTM tokens in a new attack on Twitter

Gas tokens, a new tactic among scammers

Gas tokens could see you lose money without seeing it coming. The news comes after several reports of token holders noticing strange approval notifications on their transaction history even though they had denied the transactions.

Gas tokens are typically cryptocurrencies designed to pay transaction processing fees. Notably, for every transaction, a nominal fee is paid as a transaction charge. A recent discovery has indicated that scammers now leverage this principle to enrich themselves at the expense of innocent cryptocurrency investors.

The gas tokens concept traces back several years ago to mitigate high Ethereum (ETH) blockchain transaction fees. It works by leveraging an Ethereum Virtual Machine (EVM) feature where users get some form of discount when clearing storage. Specifically, “users could mint gas tokens when fees were low, and burn them when fees were high.” Effectively, they enjoy the reduced fees as an unintended result of storage gas refunds.

Gas tokens leveraged by Multichain hackers

Multichain hackers capitalized on gas tokens to execute their recent attack, creating fake tokens for airdrops and advertising them to the unsuspecting Fantom (FTM) and Dogecoin (DOGE) holders.

Here’s the catch! While the victims (unsuspecting token holders at the time) turned down the notifications to approve the airdrops, they did not know that the bad actors had created fake approvals for these tokens, which victims thought they needed to (and did) revoke.

Revoke.cash, a web3 infrastructure, has cautioned token holders against reacting to such notifications, saying, “If you tried to revoke these fake approvals, you probably paid a very high fee, which went to the scammers.”

The wallet security firm said that the Multichain hackers programmed fake tokens to mint a lot of gas tokens during the victims’ revoke transactions, which were all sent to their own accounts. At this point, therefore, they could sell their exploit tokens. Notably, the transaction is not noticeable as “just a high gas fee.”

According to Revoke, the best way to avoid this exploit is to ignore them because they are innately programmed to charge a high fee when revoked.

Citing Revoke.cash, “The approve/revoke functionality is programmed into the token itself,” which means ignoring it is the only way to avoid falling victim. 

Instances of scams presented as airdrops have increased in the crypto sector, which is why token holders must exercise caution and avoid the temptation to click on links they are not familiar with.