According to Cointelegraph: A user recently lost $32 million worth of Spark Wrapped Ethereum (spWETH) in a sophisticated phishing attack, marking one of the latest and most significant crypto heists of 2024. The attack, which took place on September 27, targeted a wallet ending in "e57," draining it of 12,083 spWETH tokens. This incident comes amidst a sharp rise in phishing scams in the crypto space.
Attack Details and Fund Transfers
According to security firm CertiK, the stolen tokens — approximately 10,000 spWETH worth $26 million — were first transferred to a wallet beginning with "0x471c." The funds were subsequently dispersed to four additional wallets:
1,750 Ether (ETH) to wallet "0x105c"
2,613 ETH to wallet "0x278d"
3,730 ETH to address "0x408d"
Approximately 1,865 ETH to "0xfaf2"
Crypto analytics firm Arkham Intelligence suggested that the compromised wallet may belong to F2Pool founder Shixing Mao, though this has yet to be officially confirmed.
Phishing Attacks Spike in August 2024
Phishing attacks within the cryptocurrency space have been on the rise, with August 2024 seeing a 215% spike in such incidents. According to crypto security firm Scam Sniffer, total losses due to phishing attacks in August exceeded $66 million. In one instance, a single wallet suffered a loss of $55 million from a phishing attack targeting proxy ownership.
Source: CertiK Alert
A separate report from Blockaid in September 2024 highlighted an upgrade in phishing tactics by the infamous Angel Drainer software, now upgraded to AngelX. This new version of the phishing software deployed over 300 phishing decentralized applications (DApps) in just four days. AngelX's control panel offers malicious actors enhanced capabilities to create increasingly sophisticated phishing scams, making it particularly concerning for blockchain networks such as The Open Network and Tron.
Search Engines Featuring Malicious Phishing Links
Adding to the growing problem, search engines have unknowingly contributed to the spread of these scams. On September 11, Scam Sniffer revealed that search engine DuckDuckGo had inadvertently displayed fraudulent Etherscan sites. These malicious links prompt users to connect their MetaMask wallets, potentially giving hackers access to user funds.
Conclusion
As crypto phishing attacks continue to rise, with losses reaching tens of millions of dollars, the recent spWETH theft serves as a stark reminder of the vulnerabilities in the crypto ecosystem. Enhanced security measures, greater user education, and vigilance are more important than ever to prevent such high-profile losses. The increasing sophistication of phishing tools like AngelX and the appearance of malicious links on legitimate platforms underline the urgent need for heightened awareness among crypto users and industry participants.