User loses $32 million spWETH in a sophisticated phishing attack

A wallet ending in “e57” fell prey to a sophisticated phishing attack on Sept. 27 that left the wallet drained of 12,083 Spark Wrapped Ethereum tokens (spWETH), valued at $32 million.

According to security firm CertiK, 10,000 spWETH, valued at approximately $26 million, was initially sent to a wallet beginning with “0x471c.” A portion of these funds was subsequently transferred to 4 additional wallets.

1,750 Ether was transferred to a wallet beginning with the characters “0x105c”, 2,613 ETH was sent to a wallet starting with “0x278d”, an additional 3,730 ETH to an address beginning with “0x408d”, and, finally, approximately 1,865 ETH was transferred to an address beginning in “0xfaf2.”

Source: CertiK Alert.

Data from Arkham Intelligence revealed that the compromised wallet may belong to F2Pool founder Shixing Mao; however, this information has yet to be verified.

Phishing attacks on the rise in August 2024

In August 2024, crypto phishing attacks rose sharply by 215%. According to security firm Scam Sniffer’s August phishing report, total losses from the malicious attacks for the month exceeded $66 million. The security firm identified one wallet that lost a whopping $55 million in a single phishing attack targeting the victim’s proxy ownership.

A September 2024 report from Blockaid revealed that the infamous Angel Drainer — malicious phishing software that targets cryptocurrency users — was upgraded to the newer AngelX. The newly upgraded phishing software deployed more than 300 phishing decentralized applications (DApps) within only four days.

At the time, a Blockaid spokesperson expressed concern that the upgraded AngelX phishing suite targeted “newer” blockchain networks such as The Open Network and Tron. One of the most alarming features of AngelX is a newly upgraded control panel — giving malicious actors unparalleled control to create customized and increasingly sophisticated phishing scams.

Search engines unknowingly feature malicious phishing links

A Sept. 11 report from Scam Sniffer revealed that search engine DuckDuckGo displayed fraudulent Etherscan sites. The security firm warned that these malicious links prompt users to connect MetaMask wallets — leading to hackers being able to access funds once the wallets are connected.

Main, News

Leave a Reply

Your email address will not be published. Required fields are marked *