Originally published on: September 28, 2024
A recent phishing attack targeted a wallet ending in “e57” on Sept. 27, costing the user 12,083 Spark Wrapped Ethereum tokens (spWETH) worth $32 million. Security experts at CertiK reported that 10,000 spWETH, valued at around $26 million, was initially transferred to a wallet starting with “0x471c.” Subsequently, a portion of these funds was dispersed to four other wallets.
The cybercriminals sent 1,750 Ether (ETH) to a wallet beginning with “0x105c,” 2,613 ETH to one starting with “0x278d,” another 3,730 ETH to an address beginning with “0x408d,” and roughly 1,865 ETH to one starting with “0xfaf2.”
It is suspected that the compromised wallet could belong to Shixing Mao, the founder of F2Pool, although this has not been confirmed. This incident underscores the increasing threat of phishing attacks in the crypto world.
Phishing attacks in the crypto space have been on the rise, with a 215% increase reported in August 2024 alone. Data from Arkham Intelligence revealed that total losses from malicious attacks that month exceeded $66 million. Security experts cited a single wallet losing $55 million in a phishing attack targeting proxy ownership as a particularly alarming case.
In September 2024, security researchers discovered an upgraded version of the infamous Angel Drainer phishing software, now known as AngelX. This new software deployed over 300 phishing decentralized applications (DApps) in just four days, targeting newer blockchain networks like The Open Network and Tron. The advanced features of AngelX, including a highly customizable control panel, allow malicious actors to create sophisticated phishing scams with ease.
Furthermore, a report from Scam Sniffer in September identified fraudulent Etherscan sites displayed on search engine DuckDuckGo. These malicious links prompt users to connect their MetaMask wallets, giving hackers access to their funds once connected.
The financial impact of phishing attacks on the cryptocurrency community underscores the importance of maintaining vigilance and adopting robust security measures to protect digital assets from cyber threats.
