Wallets ending in “e57” fell victim to a sophisticated phishing attack on September 27th. This resulted in 12,083 Spark Wrapped Ethereum tokens (spWETH) worth $32 million being leaked from the wallet.
According to security firm CertiK, 10,000 spWETH, worth about $26 million, was initially transferred to a wallet starting with “0x471c”. Some of these funds were later transferred to four additional wallets.
1,750 Ether (ETH) was sent to a wallet starting with the characters “0x105c”, 2,613 ETH was sent to a wallet starting with “0x278d”, an additional 3,730 ETH was sent to an address starting with “0x408d”, and finally Approximately 1,865 ETH was sent to an address starting with “0xfaf2”.
source: CertiK warning.
According to data from Arkham Intelligence, the compromised wallet may belong to F2Pool founder Shixing Mao. However, this information has not yet been confirmed.
relevant: Decentraland X account hacking, phishing scam targets MANA airdrops.
Phishing attacks increase in August 2024
Cryptocurrency phishing attacks surged 215% in August 2024. Total losses from malicious attacks this month exceeded $66 million, according to security firm Scam Sniffer’s August phishing report. The security firm identified one wallet that lost as much as $55 million in a single phishing attack targeting the victim’s proxy ownership.
According to a September 2024 report from Blockaid, the infamous Angel Drainer, a malicious phishing software targeting cryptocurrency users, has been upgraded to the latest AngelX. The newly upgraded phishing software deployed more than 300 phishing distributed applications (DApps) in just four days.
At the time, a Blockaid spokesperson expressed concern that the upgraded AngelX phishing suite had targeted “modern” blockchain networks such as The Open Network (TON) and Tron (TRX). One of AngelX’s most surprising features is its newly upgraded control panel, which gives malicious actors unparalleled control to create custom phishing scams.
Search engines often contain malicious phishing links without your knowledge.
A September 11 report from Scam Sniffer found that search engine DuckDuckGo flagged a fraudulent Etherscan site. The security firm warned that these malicious links could trick users into linking their MetaMask wallets, which could then give hackers access to their funds.
magazine: Bankroll Network DeFi Hacked, $50 Million Phishers Move Cryptocurrency in CoW: Crypto-Sec