How can I redirect any value/tokens sent to an ERC20 wallet, to another wallet?
I heard of a new method of stealing currencies and would like to know how it works in practice. Basically, the bad guy spreads the privatekey everywhere on the web and funds the associated wallet with some tokens. Victims will then try to empty the wallet through the privatekey but the wallet has no GAS and any GAS sent to it is redirected to another wallet.
So all the thief has to do, is to spread the privatekey around and wait for victims to take the bait.
How would a contract like this look like?
Best Answer
This is how I picture it taking place, however, I've not read about this till now, so it's a shot in the dark.
Bad Guy: creates a smart contract which consists of following:
1) fallback function transfers any incoming ether/Gas to a proxy wallet.
2) contains a bait function draining the wallet for existing ERC20 funds.
3) does not verify code, and the average tech enthusiast won't be able to understand operational code so reverse engineer the source code will be too much time effort.
Bad Guy: Associates/deploys the contract from an empty wallet and starts social engineering the public to take his bait. Based on how thoughtful and convincing the bad guy's social engineering tactic is.
Innocent Guys: Rushes to empty the contract before someone else, creating an emotional rollercoaster and starts a domino effect between infected minds.