According to crypto security firm Scam Sniffer, 9,145 users were victims of phishing attacks during August 2024, losing funds as a result.
A wallet ending in “e57” fell prey to a sophisticated phishing attack on Sept. 27 that left the wallet drained of 12,083 Spark Wrapped Ethereum tokens (spWETH), valued at $32 million.
According to security firm CertiK, 10,000 spWETH, valued at approximately $26 million, was initially sent to a wallet beginning with “0x471c.” A portion of these funds was subsequently transferred to 4 additional wallets.
1,750 Ether was transferred to a wallet beginning with the characters “0x105c”, 2,613 ETH was sent to a wallet starting with “0x278d”, an additional 3,730 ETH to an address beginning with “0x408d”, and, finally, approximately 1,865 ETH was transferred to an address beginning in “0xfaf2.”
Source: CertiK Alert.
Data from Arkham Intelligence revealed that the compromised wallet may belong to F2Pool founder Shixing Mao; however, this information has yet to be verified.
Phishing attacks on the rise in August 2024
In August 2024, crypto phishing attacks rose sharply by 215%. According to security firm Scam Sniffer’s August phishing report, total losses from the malicious attacks for the month exceeded $66 million. The security firm identified one wallet that lost a whopping $55 million in a single phishing attack targeting the victim’s proxy ownership.
A September 2024 report from Blockaid revealed that the infamous Angel Drainer — malicious phishing software that targets cryptocurrency users — was upgraded to the newer AngalX. The newly upgraded phishing software deployed more than 300 phishing decentralized applications (DApps) within only four days.
At the time, a Blockaid spokesperson expressed concern that the upgraded AngelX phishing suite targeted “newer” blockchain networks such as The Open Network and Tron. One of the most alarming features of AngelX is a newly upgraded control panel — giving malicious actors unparalleled control to create customized and increasingly sophisticated phishing scams.
Search engines unknowingly feature malicious phishing links
A Sept. 11 report from Scam Sniffer revealed that search engine DuckDuckGo displayed fraudukent Etherscan sites. The security firm warned that these malicious links prompt users to connect MetaMask wallets — leading to hackers being able to access funds once the wallets are connected.