In a startling revelation on April 8, the Ethereum blockchain explorer Etherscan became the focal point of a significant phishing campaign, potentially compromising the security of its vast user base. A vigilant community member known as McBiblets brought to light the malicious intent behind some of Etherscan’s advertisements, identifying them as wallet drainers designed to redirect users to phishing websites.
This alarming discovery prompted further scrutiny, unveiling that the phishing ads found on Etherscan bore similarities to those on well-known phishing platforms. Leveraging McBiblets’ initial findings, Scam Sniffer, a renowned Web3 anti-scam platform, undertook a comprehensive investigation. Their research confirmed that the threat extended beyond Etherscan, with the same phishing ads infiltrating popular search engines such as Google, Bing, and DuckDuckGo, as well as the social media platform X.
Scam Sniffer attributed the widespread nature of this phishing campaign to a notable oversight by advertisement aggregators, specifically naming Coinzilla and Persona. These platforms, according to Scam Sniffer, failed to implement rigorous filtering mechanisms, inadvertently facilitating the spread of phishing attempts.
The modus operandi of the wallet drainer scam is deceptively simple yet devastatingly effective. Victims are enticed into visiting counterfeit websites where they are prompted to connect their cryptocurrency wallets. Once linked, scammers can effortlessly transfer funds to their own wallets without requiring user authentication or permission.
Echoing the concerns raised by community members and Scam Sniffer, SlowMist’s Chief Information Security Officer, known as 23pds, issued a cautionary statement regarding the presence of phishing ads on Etherscan, succinctly advising users to remain vigilant.
The phishing operation targeting Etherscan users is believed to be the handiwork of Angel Drainer, a notorious cyber phishing organization. Despite the absence of definitive evidence pinpointing the scammers’ identities, the threat they pose is undeniable. In 2023 alone, crypto phishing scams orchestrated by such entities swindled nearly $300 million from over 324,000 unsuspecting victims through wallet drainers.
Scam Sniffer’s findings highlight a disturbing trend: even as specific phishing operations are dismantled, the perpetrators simply migrate their nefarious activities to new platforms. This persistence underscores the challenges faced in combatting phishing, particularly in the digital currency domain where platforms inadvertently offer services that scammers exploit with alarming ease.
