The Web3 anti-scam platform Scam Sniffer has exposed a massive phishing operation responsible for the theft of millions in cryptocurrencies. This phishing campaign, orchestrated by an unidentified hacker, primarily operated through Google search and social media advertisements, successfully siphoned off about $58 million from over 63,000 victims in a mere nine months.
Scam Sniffer’s investigation began in March, when it first detected suspicious activity. The SlowMist team, a group specializing in blockchain security, corroborated these findings in April. Scam Sniffer observed the hacker’s activity again towards the end of April, this time involving Google search ad phishing.
The Intricacies of the Phishing Operation
The hacker’s scheme relied on intricate methods to evade detection and trick victims. One was the use of regional targeting and page-switching tactics, which made it difficult for ad audits to identify the ads as malicious. As a result, the ads appeared legitimate, passed the review process and reached potential victims.
Another tactic was the use of redirect tricks in the phishing ads. These ads mimicked official domains, directing unsuspecting users to phishing sites that appeared authentic. This level of sophistication in the phishing campaigns underscores the increasing complexity and danger of crypto scams.
ZachXBT, a prominent blockchain investigator, recently highlighted the severity of this issue. He discovered nine phishing ads on a popular social media platform, with more than half traced back to the same wallet drainer utilized in these scams.
Rise in Crypto-Related Scams
The cryptocurrency world has recently seen an uptick in sophisticated scams. One such incident involved NFT Trader, a peer-to-peer trading platform for Non-Fungible Tokens (NFTs). The platform suffered a significant hack, leading to the loss of valuable NFTs worth millions. Investigations revealed that outdated smart contracts were the entry point for the hackers.
In response, NFT Trader urged its users to revoke permissions granted to these compromised contracts. The primary perpetrator of this hack even left a message on the blockchain, shifting blame to another user and offering to return the stolen tokens for a ransom.
These incidents underscore the urgent need for increased vigilance and enhanced security measures in the cryptocurrency and NFT spaces. As the industry continues to evolve, so do the methods employed by cybercriminals, making it imperative for investors and platforms to stay informed and cautious.