A recent phishing attack resulted in a crypto whale losing over $32 million in tokens, according to reports by blockchain security firm ScamSniffer. The incident involved the theft of 12,083 wrapped ether tokens (spWETH) linked to the DeFi protocol Spark. The attack was orchestrated using a notorious scam-as-a-service tool called Inferno Drainer, which creates fake versions of popular DeFi applications to deceive users into signing transactions that hand over control of their wallets. Despite being shut down in November 2023, Inferno Drainer resurfaced in May 2024 with claims of improved features and support for multiple blockchains and DeFi apps. The victim of the phishing attack remains unidentified, but transactions from the compromised wallet were linked to a whale known as CZSamSun.
Blockchain analytics firm LookOnChain advised users to exercise caution, urging them not to click on unknown links or sign unknown signatures. The victim’s wallet was linked to the user DiscusFish. The victim offered a 20% reward for the return of the stolen funds, but no response has been received from the alleged scammer. The incident highlights the risk of phishing attacks in the crypto space and the importance of verifying transactions before signing to prevent unauthorized access to wallets.
In a separate incident, a fraudulent cryptocurrency wallet app named WalletConnect on Google Play reportedly stole $70,000 from users in a sophisticated scam targeting mobile users exclusively. The deceptive app mimicked the reputable WalletConnect protocol but was designed as a scheme to drain crypto wallets. Check Point Research (CPR), the cybersecurity firm that uncovered the scam, revealed that over 10,000 users were deceived into downloading the fraudulent app. The scammers took advantage of the challenges faced by web3 users, such as compatibility issues and the lack of widespread support for WalletConnect across different wallets, to market the fake app as a solution to these problems.
Scammers are also using automated email replies to compromise systems and deliver stealthy crypto mining malware. This tactic follows the identification of the “Cthulhu Stealer” malware, which targets macOS systems and disguises itself as legitimate software to steal personal information, including MetaMask passwords, IP addresses, and cold wallet private keys. These incidents underscore the need for vigilance against phishing and malware threats in the crypto space. Users should avoid unknown links, verify transactions before signing, and stay informed about emerging threats to safeguard their digital assets and personal information.