Hi guys,
I keep receiving these BEP 20 tokens on the BSC from unknown sources, tokens that i know nothing about. Then i realized these are dust attacks and i am not the only one. I was wondering if i could swap these tokens for BNB? How could the dust attacker steal my other tokens in my wallet or do anything to benefit out of the dust attack? What are the risks associated with swapping the dust attack tokens?
Your tokens CAN be stolen if you are not careful with the transaction that approves the BEP-20 token to be spent from your wallet. It is a good idea to search the respective community, twitter, forums, etc to see what others are saying about a specific token. It can become obvious very quickly if an airdrop is malicious.
Sometimes it isnāt a dust attack at all, itās just a project trying to extend its reach. Thereās a reason people put āDYORā everywhere - the more you search, the more likely you are to discover problems with a malicious token.
Cheers and good luck!
Can they get access to my wallet if I approve a tokens to be spent from my metamask wallet? Can the scammer design their contract as such so that he can access my whole wallet if I approve a token to be sold on pancake swap before swapping it.
I tried swapping one such token for which the error that BSC gave was " Fail with error āERC20: token must be unlocked before approve. Visit Veranet.info for more infoā " so what does this mean? assuming this is a scammer can he get access to my wallet? should i be worried?
if this is a scam and he can get access then what can i do to prevent myself from getting scammed now?
With a little (very little) research, this looks totally like an scam.
It seems they spammed A LOT of wallets with 800.000 āveraā transactions. 800.000 Vera seems to swap to USD 94k (huge amount of money). If you try to change them you get the error you mentioned: Fail with error āERC20: token must be unlocked before approve. Visit Veranet.info for more infoā
No matter which exchange you useā¦ as the authorization fails, I donāt think that can harm you in any wayā¦ but Iām not 100% sure as any transaction failed or not leaves traces, and if this is intended to attack your privacy this could partially be a success for the dusters/scammers.
Then if you go to Veranet.info siteā¦ the site looks bad, really bad! The domain has been registered for a couple of days and it totally lacks of legit project information. All you get is the āconnect your walletā button. I didnāt clicked but probably thatās the point where the malicious attack really begins, so, you better donāt click it!!!
I hope youāll get new information about this probable scam soon, for now this is the only post I found about this.
Some people out there are confirming that Vera. io (veranet. info) is a scam, if you connect the wallet at his site they empty your wallet. So just be careful.
Connecting wallet to a site you didnāt know and trust is usually a very bad idea.
thanks for your valuable update. i very much appreciate it. saves me from going rekt
I have seen that only a few times. The best practice is not to unlimited approve any tokens, and donāt approve tokens you donāt recognize. Remember "There aināt no such thing as a free lunch "
So what do we do with these tokens that have been airdropped?
Just leave them alone in our wallets?
Iāve received these garbage bep-20 tokens:
VERA
FLUX
MNEB
WSB
I canāt advise you no what to do with them, but to my knowledge there isnāt danger in ignoring them.
I have the same issueā¦ i received the same tokens and i tried to swap one of them and have approved it on my end but it was failedā¦ will it harm my metamask? When i check on the bscan one of them i read a warning that it is a phishing and I get worried that all my tokens in my metamask might be lostā¦
Is there anything I can do? Please helpā¦
No, it wonāt harm your metamask. There is nothing you need to do at this time. If you really donāt want the tokens in your wallet you should be able to send them away without unlocking them.
sorry for my english, iām from brazilā¦ i got scammed by one of this āfake tokensā when you go to the website and click to claim tokens, you pay a small fee to aprove the site to spend your tokenā¦ and you know what happens nextā¦ my question isā¦ this authorization of transaction, they only can do once with one token or it can be multiple tokens and entire wallet? and is there a way to block new transactions or resetting every permission ?
make sure you read what you are accepting, they might be asking for permission to clean out all your tokens and you just push the accept button without realizing you gave them access to everything.
You can use the tool from the site unrekt to revoke the permissions you have accepted. You have to connect your wallet to the site and each revoke will cost you a transaction (gas) fee.
I have used this site to revoke permissions and havenāt had issues, but please donāt take my word for it, please do your own research before you connect your wallet to any site you donāt know.
That said, this is the site:
app(dot)unrekt(dot)net (change (dot) to . since I cannot add links here)