Large-scale phishing campaign detected on Etherscan ads

The scale of crypto phishing ads has reached over $300 million stolen from over 324,000 victims through wallet drainers in 2023 alone.

Hacking group launches a phishing ad campaign against crypto websites.

Share this article

A widespread phishing campaign has been uncovered, targeting users of the popular Ethereum blockchain explorer Etherscan through malicious advertisements.

These ads, which appear on Etherscan and various other platforms, aim to lure unsuspecting users into connecting their cryptocurrency wallets to fraudulent websites, ultimately leading to the theft of their funds.

The phishing campaign was first brought to light by crypto X community member McBiblets, who identified several advertisements on Etherscan as wallet drainers.

According to the initial analysis, these ads redirect users to phishing websites designed to steal their cryptocurrency. Further investigations by Web3 anti-scam platform Scam Sniffer revealed that the malicious advertisements had spread beyond Etherscan, appearing on popular search engines such as Google, Bing, and DuckDuckGo, as well as the social media platform X.

“Etherscan aggregates ads from platforms like Coinzilla and Persona, where insufficient filtering could lead to exposure to phishing attempts,” Scam Sniffer noted.

The wallet drainer scam operates by enticing users to connect their crypto wallets to fake websites. Once the wallet is linked, the scammer gains the ability to withdraw funds into their own wallet addresses without requiring user authentication or permission.highlighting the potential lack of oversight from advertisement aggregators as a contributing factor to the widespread nature of the phishing campaign.

Pseudonymous SlowMist CISO (chief information security officer) 23pds also issued caution against the phishing ads on Etherscan, urging users to be careful against such ads.

While the infamous cyber phishing organization Angel Drainer is suspected of orchestrating this ongoing phishing campaign, concrete evidence regarding the scammers’ identity remains elusive at present.

The scale and impact of crypto phishing scams have been significant, with nearly $300 million stolen from over 324,000 victims through wallet drainers in 2023 alone. Scam Sniffer’s report also highlights the resilience of these “phishing gangs,” noting that even when drainers are shut down, scammers often relocate their operations to other platforms that continue to provide services for their illicit activities.

Share this article

Loading...