Major Phishing Campaign Targets Etherscan Users
The campaign lures users to fake websites, draining their wallets without consent
April 8, 2024 10:46 AM
Reading time: 1 minute, 40 seconds
TL;DR A significant phishing campaign targeting Etherscan users has been discovered. Advertisements on the Ethereum blockchain explorer act as conduits to phishing sites. Investigations have traced similar ads across search engines and social media, pointing to a larger issue with ad aggregators' filtering mechanisms.
A recent discovery by a community member known as McBiblets has unveiled a major phishing campaign targeting users of Etherscan, the Ethereum blockchain explorer.
On April 8, McBiblets noticed certain advertisements on Etherscan that acted as wallet drainers, immediately raising alarms about the potential dangers of clicking on these ads. This finding has led to deeper investigations revealing a broader issue at hand.
Following McBiblets' initial report, the Web3 anti-scam platform Scam Sniffer took the lead in investigating the matter further.
Their research indicated that the phishing advertisements found on Etherscan were not isolated incidents. Similar ads were identified across popular search engines like Google, Bing, and DuckDuckGo, as well as on social media platform X. This widespread presence suggests a coordinated effort to exploit users across multiple platforms.
The source of these malicious advertisements appears to stem from the advertisement aggregators used by Etherscan, such as Coinzilla and Persona. Scam Sniffer pointed out that these platforms might lack the necessary filtering mechanisms to sift out phishing attempts, making it easier for scammers to reach potential victims.
"Etherscan aggregates ads from platforms like Coinzilla and Persona, where insufficient filtering could lead to exposure to phishing attempts," noted Scam Sniffer in their report.
The phishing scheme typically involves directing users to counterfeit websites where they are prompted to link their crypto wallets.
Once connected, the scammers can siphon off funds without requiring further authentication or permission from the user. Blockchain security firm SlowMist's chief information security officer, known as 23pds, also issued warnings regarding these deceptive advertisements.
While the identity of the perpetrators remains unclear, the notorious phishing group Angel Drainer is suspected of orchestrating this campaign. Despite the lack of concrete evidence pinpointing the scammers, the impact of such phishing attacks is undeniable.
In 2023 alone, crypto phishing scams have defrauded victims of nearly $300 million, affecting over 324,000 individuals. Scam Sniffer's insights reveal a grim reality where, even as some phishing operations shut down, others quickly take their place, highlighting the persistent threat posed by these cybercriminals.