The user lost $32 million in SWETH to a sophisticated phishing attack.
A wallet ending in “e57” fell victim to a sophisticated phishing attack on September 27, which drained the wallet of 12,083 Spark Wrapped Ethereum tokens (spWETH) worth $32 million.
According to security firm Certike, 10,000 spWETH, worth around $26 million, were first sent to a wallet at “0x471c”. A portion of these funds were transferred to 4 additional wallets.
1,750 Ether (ETH) was sent to a wallet starting with the characters “0x105c”, 2,613 ETH was sent to a wallet starting with “0x278d”, an additional 3,730 ETH was transferred to an address starting with “0x408d”, and finally, approximately 1,865 ETH was transferred to an address starting with “0xfaf2”.
Source: CertiK alert
According to information from Arkham Intelligence, the compromised wallet may belong to Shixing Mao, the founder of F2Pool; However, this information has not yet been confirmed.
Related: Decentraland X account hacked, phishing scam targets MANA airdrop
Phishing attacks are on the rise in August 2024.
In the year In August 2024, crypto phishing attacks increased significantly by 215%. According to security firm Scam Sniffer's August phishing report, total losses from malicious attacks in the month exceeded $66 million. The security firm identified one wallet that lost $55 million in a single phishing attack targeting the victim's proxy ownership.
In September 2024, a report from Blockaid revealed that the infamous Angel Drainer – a malicious phishing software targeting cryptocurrency users – has been upgraded to the new AngelX. The newly developed phishing software deployed more than 300 phishing decentralized applications (DApps) in four days.
At the time, a Blockchain spokesperson expressed concern that the updated AngelX phishing kit was targeting “new” blockchain networks like The Open Network (TON) and Tron (TRX). One of AngelX's most impressive features is its newly improved control panel – giving malicious actors unparalleled control to create customized and increasingly sophisticated phishing scams.
Search engines unknowingly display malicious phishing links
A September 11 report from the Scam Sniffer of search engine DuckDuckGo revealed fraudulent EtherScan sites. The security firm warned that these malicious links prompt users to connect MetaMask wallets – which hackers can access funds after the wallets are connected.
Magazine: Bankroll Network DeFi Hacked, $50M Phisher Moves Crypto On CoW: Crypto-Sec
