Scammers have stolen over $580,000 from unsuspecting victims in an ongoing hacking and phishing attack using email addresses mimicking major Web3 companies, including Cointelegraph, WalletConnect and Token Terminal.
Cryptocurrency investigator ZachXBT flagged a multichain address on his Telegram channel that has amassed over $580,000 of stolen cryptocurrency since the phishing emails were delivered.
The address contains a mix of 280 different cryptocurrency tokens, with 86% of the wallet’s portfolio containing Ether (ETH), amounting to 227 ETH at the time of writing.
WalletConnect also warned users on X (formerly Twitter) that it is aware of the phishing email prompting users to click the malicious airdrop link.
We’re aware of an email that appears to have been sent from an email address linked to WalletConnect prompting recipients to open a link to be able to claim an airdrop.
We can confirm that this email was not issued directly from WalletConnect or any WalletConnect affiliates, and… pic.twitter.com/bksAlMnWja
— WalletConnect (@WalletConnect) January 23, 2024
Users of Web3 SocialFi and antivirus app De.Fi are also being targeted by an email promoting a launchpad launch, including a link to an airdrop. The attackers also announced a fake Token Terminal beta launch featuring a button to claim a fictitious airdrop.
The email addresses used by the attackers are designed to dupe recipients into believing their authenticity, with no discernable difference from the legitimate addresses of the associated companies.
Investors should always be cautious when interacting with emails claiming unexpected airdrop announcements.