In the Crypto world, exploiting protocol vulnerabilities and phishing have become the main ways for crypto hackers to launch attacks. According to related reports, in the second quarter of 2022, the total amount of losses due to protocol loopholes in the encryption industry exceeded US$670 million, an increase of nearly 50% year-on-year.

It is precisely because the code in the encryption industry is open and transparent that hackers can focus on finding vulnerabilities and launching attacks by viewing the target code. Therefore, many Web3 projects specifically launch bug bounty programs to avoid greater economic losses. Since May, phishing attacks have become more common.

Such as defrauding website links through Discord private messages, sending phishing emails (Opensea phishing emails), and sending malicious links in disguised token airdrops (Uniswap V3 was stolen), etc., making it hard for unsuspecting users to guard against. Among them, the Ethereum ecosystem has become the main victim. With the incremental development of NFT, crypto hackers have recently started NFT "phishing", and many NFT assets have been frequently stolen. Two common NFT phishing attack methods are NFT phishing websites that steal user signatures and high imitation domain names and content.

How to monitor and protect the security of encrypted assets has become a top priority. In the event of a hacker attack, what measures the project party will take to protect the security of customer assets, and how ordinary users can monitor the addresses and transaction details they care about are key issues of concern in the Web3 era.

Therefore, this reflects the importance of blockchain API technology. The value of API lies in the data services that can provide security, privacy and ease of use. APIs are currently used in various fields of the encryption industry, involving token transactions, address monitoring, and transaction analysis and security. such as blockchainAPI provider Tokenviewsecondary title

1. Obtain hacker address

Take the theft of Uniswap V3 as an example: On July 12, 2022, Binance CEO CZ tweeted that hackers had stolen 4,295 ETH on the Uniswap V3 platform. Uniswap founder Hayden Adams also confirmed that the theft was a phishing attack. Some LP NFTs will be stolen due to mistimed authorized transactions. We can get more information by monitoring addresses and on-chain transfer behavior. Please refer to the specific stolen process:alert! Another phishing attack: $8.1 million stolen from Uniswap。

secondary title
https://eth.tokenview.com/cn/address/0x09b5027ef3a3b7332ee90321e558bad9c4447afa

2. Why should we monitor hacker addresses

Due to the anonymity of the blockchain, we cannot obtain the real identity information of the hacker. If the hackers transfer the stolen funds to a centralized exchange such as Binance, they may be able to get clues about the hackers. Of course, this kind of thinking is often too direct. Since hackers choose to transfer to the exchange account, they must consider the anonymity of their own information.

Another reason for monitoring the hacker's address is to obtain the hacker's dynamics in a timely manner. Once the hacker's address changes, all the addresses associated with the hacker can be monitored to prevent the hacker from carrying out the next scam or other actions.

From the theft of funds to the next step, the whole process may last for half a year or even longer. This also brings many difficulties to our monitoring. At this time, if you use a program or API to obtain relevant information at the first time when the address balance changes, then monitoring will become much easier.

3. How to monitor hacker addresses

Okenview's monitoring address API uses Webhook to POST the address balance change information to the set Webhook URL. Using the Tokenview address monitoring API to track hacker addresses generally requires the following three steps:

Register Tokenview developer account:https://services.tokenview.com

Set Address Monitoring Webhook URL

Enter or copy "Hacker Address"

After completing the above steps, once transaction information occurs at the hacker's address, you will receive a notification as soon as possible to grasp the real-time dynamics of the hacker's address.

Finally, Tokenview reminds you to learn [anti-fraud skills]:

1 To prevent the signature from being stolen, the content of the transaction needs to be confirmed when signing the transaction to ensure the authenticity of the transaction initiator;

2 Do not disclose the private key and mnemonic;

3 Do not randomly click on unknown links and websites, and guard against NFT phishing websites with high imitation domain names and content.