Your resource for web content, online publishing
and the distribution of digital products.
S M T W T F S
 
 
 
 
 
1
 
2
 
3
 
4
 
5
 
6
 
7
 
8
 
9
 
 
 
 
 
 
 
 
 
18
 
19
 
20
 
21
 
22
 
23
 
24
 
25
 
26
 
27
 
28
 
29
 
30
 

$32M in spWETH Stolen in a Major Phishing Attack

DATE POSTED:September 29, 2024
Key Takeaways
  • Arkham Intelligence suggests that the compromised account could belong to Shixing Mao, founder of F2Pool,
  •  The latest phishing scam appears to be linked to the “Inferno Drainer,”

A high-profile phishing attack on Sept. 27 resulted in the theft of 12,083 Spark Wrapped Ethereum (spWETH) tokens, valued at $32 million, from a crypto wallet identified by its last characters, “e57.”

Blockchain security firm CertiK reported that the stolen assets, worth approximately $26 million, were initially transferred to a wallet starting with “0x471c.” From there, the funds were distributed among four other wallets, including 1,750 Ether sent to “0x105c,” 2,613 Ether to “0x278d,” and further amounts to “0x408d” and “0xfaf2.”

While the identity of the wallet owner remains unconfirmed, data from blockchain intelligence firm- Arkham Intelligence suggests that the compromised account could belong to Shixing Mao, founder of F2Pool, one of the largest Bitcoin mining pools. However, this information has yet to be verified.

The latest phishing scam appears to be linked to the “Inferno Drainer,” a notorious fraud service targeting DeFi users. The Inferno Drainer operation combined phishing efforts with infrastructure designed to collect stolen digital assets. It became one of the biggest “crypto drainers” worldwide before its developers shut it down in November 2023.

According to blockchain analytics from Dune, Inferno Drainer has stolen over $215 million from more than 200,000 victims by tricking them into giving up control of their wallets through fake DeFi apps. This service, which takes a 20% commission from stolen funds, was initially shut down in 2023 but re-emerged in May 2024 with expanded capabilities across 28 blockchains.

Further alarming reports surfaced in September 2024 about an upgraded phishing tool known as AngelX. According to Blockaid, AngelX can quickly deploy hundreds of phishing decentralized applications (DApps) and target users on newer blockchain networks like The Open Network and Tron. The software’s advanced control panel gives scammers an edge in crafting more elaborate phishing scams.

Adding to these concerns, Scam Sniffer reported that search engine DuckDuckGo displayed fraudulent Etherscan links, tricking users into connecting their MetaMask wallets, which gave hackers control of their funds.

A message was later sent from the victim’s wallet offering a 20% reward for the return of the stolen funds. As of now, there has been no response from the alleged attacker.

This incident adds to the growing concerns about phishing attacks in the crypto world. A survey from WalletConnect revealed that nearly one in seven crypto users has fallen victim to such scams, with 14.4% reporting losses due to phishing.

August 2024 alone saw a sharp rise in phishing-related thefts, with a 215% increase in attacks and total losses exceeding $66 million, according to security firm Scam Sniffer. One wallet alone lost $55 million during that period. A Immunefi report revealed that in the third quarter of 2024, crypto hacks and scams amount to $413 million in losses