Crypto Flexs
  • DIRECTORY
  • CRYPTO
    • ETHEREUM
    • BITCOIN
    • ALTCOIN
  • BLOCKCHAIN
  • EXCHANGE
  • TRADING
  • HACKING
  • SLOT
  • CASINO
  • SUBMIT
Crypto Flexs
  • DIRECTORY
  • CRYPTO
    • ETHEREUM
    • BITCOIN
    • ALTCOIN
  • BLOCKCHAIN
  • EXCHANGE
  • TRADING
  • HACKING
  • SLOT
  • CASINO
  • SUBMIT
Crypto Flexs
Home»ETHEREUM NEWS»$600,000 lost in cryptocurrency wallet due to ignored phishing attack
ETHEREUM NEWS

$600,000 lost in cryptocurrency wallet due to ignored phishing attack

By Crypto FlexsJanuary 27, 20244 Mins Read
Facebook Twitter Pinterest LinkedIn Tumblr Email
0,000 lost in cryptocurrency wallet due to ignored phishing attack
Share
Facebook Twitter LinkedIn Pinterest Email

On January 23, Wallet Connect and other web3 companies notified users about a phishing scam that was using email addresses from official web3 companies to steal funds from thousands of cryptocurrency wallets.

Massive phishing campaign

Wallet Connect uses X to notify the community about approved emails sent from email addresses associated with Wallet Connect. The email encouraged recipients to open a link to claim the airdrop, but the link led to a malicious site and, as confirmed by Wallet Connect, was not issued directly by the team or anyone involved. Wallet Connect contacted web3 security and privacy company Blockaid to further investigate the phishing scam.

We have detected a sophisticated phishing attack using identity theft. @WalletConnect Via fake emails linking to malicious dapps.

Blockaid supported wallets are safe: https://t.co/quz9olGrpZ pic.twitter.com/TYS0BjIk2J

— Block Aid (@blockaid_) January 23, 2024

Next time, cryptocurrency detective Posted CoinTelegraph, Token Terminal, and De.Fi team emails have also been compromised, with community alerts notifying unwitting users that a larger, more sophisticated phishing campaign is taking place. At the time of publishing, approximately $580,000 had been stolen.

After investigating, Blockaid later revealed that the attackers “were able to impersonate a web3 company by leveraging a vulnerability in email service provider MailerLite.”

Email phishing scams are common among cyber fraudsters, so users should be wary of the most suspicious links or emails. At the same time, companies and organizations are advised not to open links that do not come from official channels. In this case, because the malicious link came from the company’s official email address, the attacker was able to fool numerous users of the company.

This compromise allowed attackers to send persuasive emails with malicious links attached to wallet-draining websites. Specifically, this link led to several malicious dApps leveraging Angel Drainer Group infrastructure.

As Bloackaid explains, the attackers took advantage of data previously provided to Mailer Lite because they had previously been given access by these companies to send emails on behalf of these sites’ domains. It is specifically detailed using existing DNS records. Thread:

Specifically, they used “dangling DNS” records created and associated with Mailer Lite (previously used by these companies). Even after an account is closed, these DNS records remain active, providing an opportunity for attackers to claim and impersonate these accounts. pic.twitter.com/cbTpc5MXu1

— Block Aid (@blockaid_) January 23, 2024

MailerLite explains security breach

The explanation came later via email, in which MailerLite explained that its investigation revealed that a member of its customer support team had inadvertently become the initial point of compromise. As explained in the email:

A team member responding to a customer inquiry through the support portal clicked on an image that deceptively linked to a fraudulent Google sign-in page. Entering credentials there by mistake gave the perpetrator access to their account. The intrusion was inadvertently authenticated by a team member through cell phone verification, and was believed to be a legitimate access attempt. This breach allowed the perpetrators to infiltrate internal management panels.

MailerLite added that the attackers reset specific users’ passwords in the admin panel to further consolidate unauthorized control. This control gave them access to 117 accounts, of which they only focused on cryptocurrency-related accounts for their phishing campaigns.

An anonymous Reddit user posted an analysis of the situation and took a closer look at the attacker’s transactions. The user stated:

One victim wallet appears to have lost 2.64 million XB tokens. There are about 2.7M in the phishing wallet of 0xe7D13137923142A0424771E1778865b88752B3c7, and 518.75K went into 0xef3d9A1a4Bf6E042F5aaebe620B5cF327ea05d4D.

Users said most of the stolen funds were in the first phishing address. At the same time, about $520,000 worth of ETH was transferred to the privacy protocol Railgun, which he believes will soon move through other mixers or exchanges.

  ETH is trading at $2,232.92 in the hourly chart. Source: ETHUSDT on TradingView.com

Featured image from Unsplash.com, chart from TradingView.com

Disclaimer: This article is provided for educational purposes only. This does not represent NewsBTC’s opinion on whether to buy, sell or hold any investment, and of course investing carries risks. We recommend that you do your own research before making any investment decisions. Your use of the information provided on this website is entirely at your own risk.

Share. Facebook Twitter Pinterest LinkedIn Tumblr Email

Related Posts

Next chapter of ecosystem support program

August 31, 2025

Kindly, MD’s $ 5B Bitcoin Play comes as DATS raises fear of wider Altcoin fluidity.

August 27, 2025

Bitcoin News Today: Ether (ETH) is 5K $ 5K and BTC Eyes is recorded as Powell Sparks Rally. DAT transaction risk: Be careful with asset managers

August 23, 2025
Add A Comment

Comments are closed.

Recent Posts

Cango Inc. Announces August 2025 Bitcoin Production And Mining Operations Update

September 2, 2025

BitMine Immersion (BMNR) Announces Release Of August Investor Presentation And Latest Video Message From Tom Lee, Chairman

September 2, 2025

Pioneering AI Visionary Vincent Boucher & AGI Alpha Announce A Meta‑Agentic AGI Jobs Marketplace Platform

September 2, 2025

Meme Coin Little Pepe Raises Above $24M In Presale With Over 39,000 Holders

September 2, 2025

Bybit WSOT 2025 Attracts Quadruple Squads As $8M Main Competition Commences

September 2, 2025

Duration Of The Process And Important Nuances

September 2, 2025

PrimeXBT Launches “Empowering Traders To Succeed” Campaign, Leading A New Era Of Trading

September 2, 2025

Korean sleeves cut Tesla and pivot with encryption stocks.

September 2, 2025

Are you ready to token everything?

September 1, 2025

Sign Up And Get $500, Ushering In A New Era Of BTC, XRP, And DOGE Cloud Mining

September 1, 2025

Turning Social Hype Into Token Allocation

September 1, 2025

Crypto Flexs is a Professional Cryptocurrency News Platform. Here we will provide you only interesting content, which you will like very much. We’re dedicated to providing you the best of Cryptocurrency. We hope you enjoy our Cryptocurrency News as much as we enjoy offering them to you.

Contact Us : Partner(@)Cryptoflexs.com

Top Insights

Cango Inc. Announces August 2025 Bitcoin Production And Mining Operations Update

September 2, 2025

BitMine Immersion (BMNR) Announces Release Of August Investor Presentation And Latest Video Message From Tom Lee, Chairman

September 2, 2025

Pioneering AI Visionary Vincent Boucher & AGI Alpha Announce A Meta‑Agentic AGI Jobs Marketplace Platform

September 2, 2025
Most Popular

Uniswap surges DEX trading volume with total volume reaching $544 trillion.

October 17, 2024

How Does AIXA Mining Break Traditional Barriers?

July 18, 2025

Binance Revises VIP Program: New Spot and Margin Trading Fees for VIP Users

July 13, 2024
  • Home
  • About Us
  • Contact Us
  • Disclaimer
  • Privacy Policy
  • Terms and Conditions
© 2025 Crypto Flexs

Type above and press Enter to search. Press Esc to cancel.