Coordinated crypto hack and phishing campaign floods investor emails: Alert

Avatar

Scammers have stolen over $580,000 from unsuspecting victims in an ongoing hacking and phishing attack using email addresses mimicking major Web3 companies, including Cointelegraph, WalletConnect and Token Terminal.

Screenshot of a phishing email from the ongoing campaign. Source: ZachXBT

Cryptocurrency investigator ZachXBT flagged a multichain address on his Telegram channel that has amassed over $580,000 of stolen cryptocurrency since the phishing emails were delivered.

The address contains a mix of 280 different cryptocurrency tokens, with 86% of the wallet’s portfolio containing Ether (ETH), amounting to 227 ETH at the time of writing. 

Related: Trezor discloses 66K users affected by phishing attack

WalletConnect also warned users on X (formerly Twitter) that it is aware of the phishing email prompting users to click the malicious airdrop link.

Users of Web3 SocialFi and antivirus app De.Fi are also being targeted by an email promoting a launchpad launch, including a link to an airdrop. The attackers also announced a fake Token Terminal beta launch featuring a button to claim a fictitious airdrop.

The email addresses used by the attackers are designed to dupe recipients into believing their authenticity, with no discernable difference from the legitimate addresses of the associated companies.

Investors should always be cautious when interacting with emails claiming unexpected airdrop announcements.

Magazine: Doctor Who materializes in Web3: Tony Pearce’s journey in time and space