CZ Urges Etherscan to Filter Out Spam Transactions from Address Poisoning Attacks

Former Binance CEO CZ is urging Etherscan to filter out spam transactions from address poisoning attacks, highlighting TrustWallet's successful implementation of this feature. He advocates for default hiding of such zero-value transactions to prevent user fraud and discusses potential implications for future AI agent transactions.

Former Binance CEO Changpeng Zhao (CZ) has taken to social media platform X to call on blockchain explorer Etherscan to thoroughly filter out spam transactions generated by address poisoning attacks.

CZ pointed out that TrustWallet has already implemented filtering for such transactions, while Etherscan continues to display these zero-value transactions. These transactions flood users' wallets and could potentially lead to users being defrauded.

Etherscan had previously issued a warning explaining this attack method: attackers attempt to trick users into copying the wrong address when sending funds by displaying addresses that are extremely similar to legitimate ones in the transaction history.

One user, Nima, stated after their wallet was subjected to such an automated attack: "A lot of people will fall victim to this."

CZ's tweet read: "Blockchain explorers should not display these spam transactions. It should be easy to filter them out completely. @TrustWallet already does this. This might have some impact on micro-transactions between AI agents in the future. At that time, we can also use AI to filter spam."

Xeift further clarified that Etherscan hides zero-value transfers by default. However, platforms like BscScan and Basescan require users to actively click the "Hide 0 Amount Transactions" button to remove transaction records from address poisoning attacks.

This difference in default settings exposes some users to spam that could lead to them sending funds to an attacker-controlled address.

CZ also mentioned that this filtering mechanism might affect micro-transactions between AI agents in the future and suggested that AI technology could be used at that time to distinguish legitimate zero-value transfers from spam.

Another user, Dr. Favezy, pointed out that in addition to address poisoning, token swaps also bring additional risks. He mentioned a transaction yesterday from the 0x98 wallet that swapped $50 million worth of assets for $36,000, raising concerns about routing and liquidity source selection.

Favezy wrote: "I truly hope AI agents will trade with proper routing and best liquidity sources to avoid this."

How Address Poisoning Attacks Work

These attacks use the token contract's `transferFrom` function to initiate zero-value token transfers. The attacker moves 0 tokens with the goal of creating a transfer event that appears in the victim's transaction history. Because a transfer of 0 tokens never exceeds the sender's allowance, every address is in effect approved for 0-value transfers by default, so the attacker can trigger the event without any approval from the victim.

Attackers then combine this with address spoofing to increase the likelihood that victims copy the wrong transfer address. The spoofed addresses closely resemble legitimate addresses in their starting and ending characters, making the two easy to confuse.
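
The filtering discussed above can be sketched as follows. This is an added example, not code from Etherscan, TrustWallet or any explorer: it labels zero-value transfers in a wallet's history and marks those whose counterparty shares its first and last characters with an address the wallet has actually paid. The function names, the 4-character comparison window and all addresses and transfers are assumptions constructed for illustration.

```python
# Added example: all addresses and transfers below are constructed sample data.
WALLET = "0x" + "a1" * 20
LEGIT = "0x1234" + "ab" * 16 + "5678"       # counterparty the wallet really pays
LOOKALIKE = "0x1234" + "cd" * 16 + "5678"   # same first/last 4 hex characters
OTHER = "0x" + "9f" * 20
TRANSFERS = [  # chronological token Transfer events touching the wallet
    {"from": WALLET, "to": LEGIT, "value": 500},
    {"from": WALLET, "to": LOOKALIKE, "value": 0},
    {"from": OTHER, "to": WALLET, "value": 0},
]

def fingerprint(addr, n=4):
    """First and last n hex characters, the part users tend to compare by eye."""
    h = addr.lower().removeprefix("0x")
    return h[:n], h[-n:]

def classify_history(wallet, transfers, n=4):
    """Label each transfer involving `wallet`, in chronological order.

    Returns (index, label, impersonated) tuples. Labels: 'ok', 'zero_value'
    (what a "hide 0 amount" filter would drop) and 'poisoning' (zero-value
    and a lookalike of an address the wallet has paid before).
    """
    wallet = wallet.lower()
    known = {}  # fingerprint -> real counterparty paid earlier
    results = []
    for i, t in enumerate(transfers):
        sender, recipient = t["from"].lower(), t["to"].lower()
        if wallet not in (sender, recipient):
            continue
        other = recipient if sender == wallet else sender
        if t["value"] > 0:
            # Only outgoing payments with real value establish a known address.
            if sender == wallet:
                known.setdefault(fingerprint(other, n), other)
            results.append((i, "ok", None))
            continue
        real = known.get(fingerprint(other, n))
        if real is not None and real != other:
            results.append((i, "poisoning", real))
        else:
            results.append((i, "zero_value", None))
    return results

if __name__ == "__main__":
    for row in classify_history(WALLET, TRANSFERS):
        print(row)
```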
