Three Cryptocurrency Users Lose $876,000 in Scams
/ 4 min read
Quick take - In a recent series of on-chain scams, three cryptocurrency users lost a total of $876,000 in assets within 15 hours, highlighting the ongoing risks associated with digital currencies and the sophisticated tactics employed by scammers.
Fast Facts
- Three cryptocurrency users lost a total of $876,000 in a series of on-chain scams within 15 hours, highlighting ongoing risks in digital currencies.
- Scammers employed tactics like ‘approval phishing’ and ‘address poisoning,’ with the largest theft involving a malicious ‘permit’ transaction that cost one user 211 stETH worth $654,000.
- Wallet ‘drainers’ and social engineering tactics, such as enticing airdrop announcements, are commonly used to lure victims into scams.
- In October, around 12,000 victims reported losses of $20.2 million from crypto phishing scams, despite a 56% decrease in total losses compared to the previous month.
- Users are advised to exercise caution by double-checking URLs, revoking active approvals, and being wary of transactions they do not fully understand.
Surge in Cryptocurrency Scams Results in $876,000 Loss
In a recent surge of on-chain scams, three cryptocurrency users collectively lost $876,000 in assets within a span of just 15 hours. This series of incidents underscores the ongoing risks associated with digital currencies.
Scamming Tactics and Techniques
The account Scam Sniffer on X, formerly known as Twitter, reported these incidents. The scams involved sophisticated tactics such as ‘approval phishing’ and ‘address poisoning.’ The largest theft occurred when a user inadvertently signed a malicious ‘permit’ transaction, resulting in the loss of 211 Lido-staked ether (stETH), valued at approximately $654,000. The malicious contract was cleverly disguised as a legitimate token, showcasing the deceptive strategies employed by scammers.
Scammers often utilize wallet ‘drainers,’ which are malware packages that facilitate fraudulent activities. These drainer packages are frequently spread through hacked accounts on social media platforms like X. To lure victims, scammers may use social engineering tactics, including posting enticing announcements about airdrops or token launches. Additionally, SIM-swapping remains a prevalent method for scammers to gain control over victims’ accounts. Another common tactic is ‘front-end’ attacks, where scammers hijack genuine domains of crypto platforms to execute malicious transactions.
Notable Scams and Financial Impact
A drainer service known as Pink Drainer reportedly facilitated $75 million in thefts before ceasing operations. Following its retirement, the crypto security firm SlowMist identified over $20 million in addresses associated with these scams. Furthermore, the Inferno Drainer, which had previously stopped operations, recently cashed out 4,010 ETH, amounting to approximately $12.4 million, processed through a sanctioned crypto mixer.
In addition to the significant theft of stETH, two other victims experienced losses of 111,500 and 111,726 USDT due to ‘address poisoning’ scams. This method occurs when victims unknowingly copy a scammer’s address from contaminated transaction histories, often found on blockchain explorers like Etherscan. Scammers may create counterfeit versions of popular tokens or spoof transfers to mislead users. Despite efforts by blockchain explorers to obscure misleading transactions, losses from address poisoning remain prevalent.
User Caution and Ongoing Threats
In light of these incidents, users are advised to exercise caution. They should double-check URLs and account handles before engaging with links or connecting wallets. It is also recommended to maintain ‘approval hygiene’ by revoking active approvals and avoiding ‘infinite’ approvals. Utilizing built-in wallet address books can help identify unexpected addresses in transactions. Individuals are encouraged to carefully consider any transaction they do not fully understand before signing.
In October alone, Scam Sniffer reported that approximately 12,000 victims fell prey to crypto phishing scams, with total losses amounting to $20.2 million, including four cases exceeding $1 million. Although the total amount lost in October was 56% lower than the previous month, the number of victims increased by 20%. This underscores the persistent threat of cryptocurrency scams and the need for vigilance among users.
Original Source: Read the Full Article Here
