A notable phishing campaign aimed at users of the Ethereum blockchain explorer Etherscan has been uncovered, revealing several advertisements associated with the deceptive operation.
This campaign was brought to attention by a user on X, who flagged the presence of potentially harmful phishing scam ads.
Warning Issued After Phishing Campaign Targets Etherscan Users
On April 8th, McBiblets raised concerns about specific advertisements displayed on Etherscan, warning users about the potential risk of being redirected to phishing websites upon interaction with these ads.
Subsequent investigations uncovered that these phishing ads were not confined to Etherscan alone; they were also identified on several well-known phishing websites. In response to the alert, the web3 security platform Scam Sniffer promptly initiated an investigation.
Shortly thereafter, Scam Sniffer officially confirmed the presence of a new scam via their X account.
According to Scam Sniffer, Etherscan aggregates ads from platforms such as Coinzilla & Persona, where inadequate filtering mechanisms could expose users to phishing attempts.
Scam Sniffer’s investigation revealed the widespread nature of the phishing campaign, indicating that the deceptive advertisements were not limited to Etherscan but were also appearing on major search engines like Google, Bing, DuckDuckGo, as well as on various social media platforms.
Renowned blockchain analyst ZachXBT conducted further investigation, revealing that the phishing activities on Etherscan were connected to a wallet-draining service. Additionally, ZachXBT disclosed that this service had successfully siphoned a six-figure sum from a victim.
ZachXBT also provided the address associated with the theft. Upon examination on-chain, it was discovered that the wallet contained 87.08 Ethereum (ETH), valued at approximately $298,972 at the time of reporting.
Furthermore, in addition to the aforementioned Ethereum, the scammer possessed other tokens and coins, including $25,375 worth of OPSEC, $9,642 worth of PEPE, and $4,207 worth of Ethena (ENA).
Although the notorious cyber phishing organization Angel Drainer is suspected of orchestrating this ongoing attack against Etherscan users, concrete evidence regarding the perpetrators remains elusive.
The modus operandi of the wallet drainer scam involves luring users to counterfeit websites and prompting them to link their crypto wallets. Once linked, scammers can siphon funds into their personal wallet addresses without requiring user authentication or permission.
Chief Information Security Officer 23pds from the blockchain security firm SlowMist underscored the warning, advising users to exercise caution due to the presence of phishing ads on Etherscan.
Phishing Attacks on Crypto Users Lead to $300 Million in Losses in 2023, Reports Scam Sniffer
Phishing attacks represent a significant threat to cryptocurrency users, with Scam Sniffer reporting that nearly $300 million was stolen from over 324,000 victims through wallet-draining schemes in 2023 alone.
According to data from Scam Sniffer, phishing attacks targeted approximately 97,000 crypto users, resulting in losses of $104 million in the first few months of this year. January saw losses of $55 million, followed by $46.8 million in February.
Ethereum users bore the brunt of these attacks, experiencing losses totaling $78 million in assets, including ETH and ERC20 tokens. The primary tactic employed by cybercriminals involved tricking victims into authorizing harmful phishing signatures such as “Uniswap Permit2” and “increaseAllowance,” granting unauthorized access to their funds.
“Most of the ERC20 token thefts occurred due to victims signing phishing signatures like Permit, IncreaseAllowance, and Uniswap Permit2,” explained Sniffer in a statement.
Furthermore, Scam Sniffer found that a majority of victims fell prey to false comments on social media platforms, particularly X. Attackers often masqueraded as reputable cryptocurrency organizations to lure unsuspecting individuals to phishing sites where their digital assets were stolen.
Despite efforts to dismantle such scams, Scam Sniffer notes that “phishing gangs” frequently relocate their operations to different platforms, indicating an ongoing challenge in combating fraudulent activities within the crypto space.