Over the past nine months, a phishing scam has managed to steal 58 million dollars in crypto from thousands of users.
This deceptive scheme was recently discovered by the anti-scam platform Web3 Scam Sniffer, which revealed the extent of the fraud, affecting over 63,000 users. Let’s see all the details below.
Scam Sniffer reveals crypto scam: over 63,000 people affected
As anticipated, the anti-scam platform Web3 Scam Sniffer has identified a hacker involved in phishing campaigns on Google and social media, which have resulted in the theft of millions of crypto from the victims.
Specifically, the post states the following:
“A ‘Wallet Drainer’ has been identified as responsible for phishing campaigns on Google and X ads, causing a loss of about 58 million dollars from over 63,000 victims in a period of 9 months.”
Scam Sniffer has exposed the scam in a series of posts on X (formerly Twitter), describing the evolution of the deception that was first detected in March:
“Initially discovered in March, the Slow Mist team shared the traces with us in early April. Subsequently, we detected them again at the end of April during a phishing campaign on Google search ads.”
The anti-scam platform has provided further details, highlighting that ZachXBT, a well-known investigator in the blockchain field, has recently revealed nine phishing ads on X, of which more than half have been attributed to a common “wallet drainer”.
How to read:
“In a recent test of ad feeds on X, 9 ads were phishing, of which over 60% used this wallet drainer”.
Hackers have adopted regional targeting tactics and page switching to evade ad audits. This has complicated the review process and allowed the approval of malicious ads.
In addition, it is emphasized that phishing ads use redirect tricks to appear legitimate, disguising links as official domains that instead lead to phishing sites.
The increase of cryptographic scams: the NFT trader victim of a sophisticated hack
Unfortunately, there has been an increase in reports of sophisticated cryptographic scams recently.
On December 16th, BeInCrypto reported that the peer-to-peer trading platform NFT Trader was hit by a particularly advanced hacker attack. This resulted in the theft of millions of dollars worth of high-value non-fungible tokens (NFTs).
The same platform NFT has confirmed the incident, revealing that the hackers exploited the “old smart contracts” as an entry point.
However, the company has advised users to revoke all previously granted permissions to these smart contracts.
The main attacker left a public message on the blockchain, attributing the NFT exploit to another user and claiming that the attack was aimed at “collecting leftover garbage”.
In a bold move, the hacker has even proposed to return the tokens in exchange for a ransom: 3 ETH for Bored Ape and 0.6 ETH for Mutant Ape.
However, it is worth noting that 2023 has highlighted a positive aspect. A significant decrease in cryptocurrency thefts, recording a decrease of over 40% compared to the previous year.
In the month of November 2023, thefts had reached a total of $2.38 billion.
Although December has maintained some uncertainty, there was an optimistic sentiment regarding the prospect of ending the year with a lower number of incidents compared to the $3.80 billion stolen in 2022.
Brief focus on 2023 in the crypto world: Ethereum targeted by hackers
The cryptocurrency landscape in 2023 has followed a trend consolidated in previous years, with Ethereum continuing to be the main target of hacker attacks.
Being the largest network in the blockchain ecosystem, Ethereum has experienced about 38% of the total volume of cryptographic attacks.
After Ethereum, the Mixin network has experienced a massive loss of 200 million dollars in a single breach, while other relevant networks, such as Tron, Base, Arbitrum, and Avalanche, have had to face similar challenges.
The third quarter of 2023 has emerged as the most tumultuous, with a total of $567.69 million in thefts, accounting for 24% of the annual incidents.
This peak has been mainly attributed to breaches in networks such as Mixin, Multichain, CoinEx, and Stake.com. In contrast, reduced activity was reported in the second quarter, with only $180 million in thefts.
The last quarter, which started in November, saw the majority of hacks in the fourth quarter, with significant incidents involving the exchanges Poloniex, Heco, and Huobi.
In conclusion, it can be stated that in the context of the DeFi landscape, which promises decentralization and financial inclusion, trust represents a crucial factor.
Safety, therefore, is not only an operational necessity, but the foundation on which trust is built.
Source: https://en.cryptonomist.ch/2023/12/22/phishing-scam-58-million-dollars-in-crypto-stolen-from-thousands-of-users/