A cryptocurrency wallet lost $32 million worth of Spark Wrapped Ethereum (spWETH) on September 27, 2024, in a well-coordinated phishing scam. According to blockchain security firm CertiK, the wallet, ending in “e57,” was tricked into transferring 12,083 spWETH tokens to various destinations, with initial funds sent to a wallet starting with “0x471c.”
Breakdown of the Heist
The attack involved multiple wallet transfers:
- 1,750 Ether (ETH) was sent to a wallet starting with “0x105c.”
- 2,613 ETH transferred to another wallet beginning with “0x278d.”
- 3,730 ETH landed in an address starting with “0x408d.”
- Finally, 1,865 ETH moved to a wallet beginning with “0xfaf2.”
Altogether, these wallets received funds stolen in the attack, demonstrating the complexity and coordination of the hackers. While the full identity of the wallet’s owner remains unconfirmed, data from Arkham Intelligence suggests it may be linked to F2Pool founder Shixing Mao.
Phishing Attacks Surge in August 2024
Phishing attacks in the crypto world surged by 215% in August 2024, according to Scam Sniffer, a crypto security firm. Over 9,100 users were victimized, losing millions in digital assets. Scam Sniffer’s report showed that total losses exceeded $66 million for the month, including one particularly devastating attack that cost a single victim $55 million due to compromised proxy ownership.
Adding to the rising threat, a September 2024 report from Blockaid highlighted the launch of “AngelX,” an upgraded version of the notorious phishing software Angel Drainer. The new version deployed over 300 phishing decentralized applications (DApps) in just four days. AngelX’s new control panel allowed hackers to create increasingly sophisticated phishing attacks, primarily targeting emerging blockchain networks like The Open Network (TON) and Tron.
Phishing Links Displayed in Search Engines
Adding to the risk, search engines have unintentionally been displaying fraudulent links. Scam Sniffer reported on September 11 that DuckDuckGo unknowingly featured fake Etherscan sites. These fraudulent links urged users to connect their MetaMask wallets, enabling hackers to gain access to their funds once connected.
The growing sophistication of phishing attacks and the involvement of search engines in distributing malicious links highlight the need for increased vigilance in the crypto space.
