Lawrence Damilola
A new phishing scam has led to the theft of approximately $1.28 million worth of cryptocurrency. According to blockchain security firm PeckShieldAlert, the victim’s wallet was drained after signing a malicious phishing permit. The stolen assets include PEPE, APU, and MSTR tokens.
PeckShieldAlert identified the compromised wallet as 0xb0b8…40c7. The stolen assets consist of 108 billion PEPE tokens, 73.8 million APU tokens, and 165,000 MSTR tokens. The phishing address, labeled #Fake_Phishing442846, has been connected to the same group responsible for an earlier theft involving Spark Wrapped Ethereum (spWETH) tokens worth $32 million.
#PeckShieldAlert The address 0xb0b8…40c7 has been drained of ~$1.28M worth of cryptos, including 108B $PEPE, 73.8M $APU, and 165K $MSTR, after signing a #phishing permit signature.
— PeckShieldAlert (@PeckShieldAlert) October 14, 2024
The #phishing address #Fake_Phishing442846 is linked to the scammers who drained $32M worth of… pic.twitter.com/fq3a4DD0tD
Connection to Earlier Attack
The earlier incident happened on September 27, resulting in the theft of 12,083 spWETH tokens from a wallet ending in ‘e57.’ Blockchain intelligence firm Arkham Intelligence suggested that the compromised wallet may belong to Shixing Mao, the founder of F2Pool, although this information is unconfirmed. The group behind this attack transferred the stolen tokens to multiple wallets.
Data shows that cryptophishing scams have increased in recent months. CertiK reported that more than $46 million was lost in phishing attacks during September. Over 10,805 victims were affected by these scams, with the overall losses in the third quarter reaching $126 million. According to Spectrum Search, an average of 11,000 victims were targeted monthly during this period.
Victims of crypto phishing scams often fall prey to links shared through fake accounts on platforms like X (formerly Twitter) and Google ads. Once users click on these fraudulent links, their data, cryptocurrencies, or wallet access may be compromised.
CertiK provided details on the movement of funds following the attacks. In the September 27 incident, a large portion of the stolen spWETH tokens was transferred to several wallets, complicating efforts to track and recover the assets. The most recent attack observed the same tactics, as the stolen PEPE, APU, and MSTR tokens were transferred to other wallets.
Read More
- Canadian Crypto Exchange ezBtc Faces Major Scandal Over Misappropriation of $9.5 Million in Bitcoin and Ether
- Hong Kong SFC Seeks Feedback on Licensing Regime for Crypto OTC Services
- South Korean Soldiers Found Trading Military Secrets for Crypto: Report
Lawrence does not hold any crypto asset. This article is provided for informational purposes only and should not be construed as financial advice. The Shib Magazine and The Shib Daily are the official media and publications of the Shiba Inu cryptocurrency project. Readers are encouraged to conduct their own research and consult with a qualified financial adviser before making any investment decisions.
