A recent phishing campaign targeting users of the Ethereum blockchain explorer Etherscan has been identified and flagged as a potential threat. The campaign used malicious ads designed to redirect users to phishing websites when clicked. Web3 security platform Scam Sniffer quickly responded to the warning and launched an investigation into the issue. It found that the phishing ads were not limited to Etherscan but also appeared on other known phishing websites, as well as popular search engines and social media platforms.
Further investigation into the phishing campaign revealed that it was linked to a draining service that had successfully phished a six-figure sum from a victim. Renowned on-chain detective ZachXBT shared the address of the theft, which was found to contain 87.08 Ethereum, equivalent to approximately $298,972 at the time. The scammer also held other tokens and coins, including OPSEC, PEPE, and Ethena. While suspicions point towards the notorious cyber phishing organization Angel Drainer as the orchestrator of the attack, concrete evidence of the perpetrators remains elusive.
The modus operandi of the wallet drainer scam involves luring users to counterfeit websites and convincing them to link their crypto wallets. Once linked, scammers can drain funds into their personal wallet addresses without requiring user authentication or permission. Chief Information Security Officer 23pds from blockchain security firm SlowMist issued a warning advising users to be cautious due to the presence of phishing ads on Etherscan. Phishing attacks on crypto users have led to substantial losses, with nearly $300 million stolen from over 324,000 victims in 2023 through wallet drainers alone, according to Scam Sniffer.
Phishing attacks remain a significant threat to crypto users, with losses already exceeding $100 million in 2024. Data from Scam Sniffer indicates that phishing attacks cost around 97,000 crypto users $104 million in the first few months of the year. Ethereum users suffered the most damage, losing $78 million in assets, including ETH and ERC20 tokens, through tactics such as tricking victims into signing harmful phishing signatures like “Uniswap Permit2” and “increaseAllowance.” Most ERC20 token thefts resulted from victims signing phishing signatures such as Permit, IncreaseAllowance, and Uniswap Permit2.
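To make the signature types named above concrete, here is an added example (not code from Scam Sniffer, Etherscan or any wallet) of a check a wallet or browser extension can run before displaying a signing prompt: it flags requests that grant a third party the right to spend the user's tokens. It also covers plain `approve`, which works the same way, and the two sample requests are constructed.

```javascript
// Added example: selectors and EIP-712 primaryType names are public constants;
// the two SAMPLE_* requests are constructed input, not data from the incident.
const APPROVAL_SELECTORS = new Map([
  ["0x095ea7b3", "approve(address,uint256)"],
  ["0x39509351", "increaseAllowance(address,uint256)"],
]);
const PERMIT_TYPES = new Map([
  ["Permit", "EIP-2612 Permit"],
  ["PermitSingle", "Uniswap Permit2"],
  ["PermitBatch", "Uniswap Permit2"],
  ["PermitTransferFrom", "Uniswap Permit2"],
  ["PermitBatchTransferFrom", "Uniswap Permit2"],
]);
const MAX_UINT256 = (1n << 256n) - 1n;
// Returns { flag: false } or a description of the spending right being granted.
function classifyRequest(req) {
  const params = Array.isArray(req.params) ? req.params : [];
  if (req.method === "eth_sendTransaction") {
    const data = String((params[0] || {}).data || "0x").toLowerCase();
    const kind = APPROVAL_SELECTORS.get(data.slice(0, 10));
    // Require the selector (8 hex chars) plus two 32-byte ABI words (128 hex chars).
    if (!kind || !/^0x[0-9a-f]{136,}$/.test(data)) return { flag: false };
    return {
      flag: true, kind,
      spender: "0x" + data.slice(34, 74), // low 20 bytes of the first word
      unlimited: BigInt("0x" + data.slice(74, 138)) === MAX_UINT256,
    };
  }
  if (req.method === "eth_signTypedData_v4") {
    let typed = params[1];
    try { if (typeof typed === "string") typed = JSON.parse(typed); } catch { return { flag: false }; }
    const kind = PERMIT_TYPES.get(typed && typed.primaryType);
    if (!kind) return { flag: false };
    // Off-chain signature: no transaction is sent, but the message still names a spender.
    return { flag: true, kind, spender: String(typed.message?.spender ?? "unknown").toLowerCase() };
  }
  return { flag: false };
}
const SPENDER = "0x" + "11".repeat(20); // constructed address
const SAMPLE_TX = { method: "eth_sendTransaction", params: [{
  to: "0x" + "22".repeat(20),
  data: "0x39509351" + "0".repeat(24) + "11".repeat(20) + "f".repeat(64),
}] };
const SAMPLE_PERMIT2 = { method: "eth_signTypedData_v4", params: ["0x" + "33".repeat(20), JSON.stringify({
  primaryType: "PermitSingle", domain: { name: "Permit2", chainId: 1 },
  message: { spender: SPENDER, sigDeadline: "1893456000",
    details: { token: "0x" + "22".repeat(20), amount: "1000", expiration: "1893456000", nonce: "0" } },
})] };
console.log(classifyRequest(SAMPLE_TX), classifyRequest(SAMPLE_PERMIT2));
```

A flagged request is not proof of phishing, since legitimate dapps ask for the same approvals; the point is to show the user which spender is receiving the right and whether the amount is unlimited.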
Scam Sniffer also found that many victims were deceived by false comments on social media platforms, particularly Twitter. Attackers often pose as reputable cryptocurrency organizations to lure unsuspecting individuals to phishing sites where their digital assets are stolen. Despite efforts to combat these scams, phishing gangs frequently relocate their operations to different platforms, posing a persistent challenge in fighting fraudulent activities in the crypto space. As the prevalence of phishing attacks continues to rise and evolve, users are urged to remain vigilant and take necessary precautions to protect their assets and personal information from malicious actors operating in the crypto sector.