Phishing Campaigns Targeting Etherscan Users Through Advertisements Identified

Etherscan Phishing Phishing scams
Last updated:
Journalist
Journalist
Hassan Shittu
About Author

Hassan, a Cryptonews.com journalist with 6+ years of experience in Web3 journalism, brings deep knowledge across Crypto, Web3 Gaming, NFTs, and Play-to-Earn sectors. His work has appeared in...

Last updated:
Why Trust Cryptonews
Cryptonews has covered the cryptocurrency industry topics since 2017, aiming to provide informative insights to our readers. Our journalists and analysts have extensive experience in market analysis and blockchain technologies. We strive to maintain high editorial standards, focusing on factual accuracy and balanced reporting across all areas - from cryptocurrencies and blockchain projects to industry events, products, and technological developments. Our ongoing presence in the industry reflects our commitment to delivering relevant information in the evolving world of digital assets. Read more about Cryptonews
Ad DisclosureWe believe in full transparency with our readers. Some of our content includes affiliate links, and we may earn a commission through these partnerships. Read more

A significant phishing campaign targeting users of the Ethereum blockchain explorer Etherscan has come to light, with several advertisements identified as part of the malicious operation.The campaign was called out by a user on X, who raised a red flag about the presence of potentially malicious phishing scam ads. 

Warning Issued After Phishing Campaign Targets Etherscan Users

On April 8, McBiblets, flagged certain advertisements on Etherscan as potential wallet drainers, cautioning users against being redirected to phishing websites upon clicking on such ads.

Further investigation revealed that these phishing advertisements were not limited to Etherscan but were also spotted on various known phishing websites. Web3 security platform Scam Sniffer swiftly responded to the warning and launched an investigation.

Shortly after that, Scam Sniffer confirmed the presence of a new scam through their official X account.

“Etherscan aggregates ads from platforms like Coinzilla & Persona, where insufficient filtering could lead to exposure to phishing attempts,” Scam Sniffer explained.

Scam Sniffer uncovered the extent of the phishing campaign, noting that the advertisements were spreading beyond Etherscan and popping up on popular search engines like Google, Bing, DuckDuckGo, and social media platforms.

Renowned on-chain detective ZachXBT delved further. He disclosed that the phishing on Etherscan is linked to a draining service. Furthermore, ZachXBT revealed that the draining service had phished a six-figure sum from a victim.

ZachXBT also shared the address of the theft. When the address was looked up on-chain, it was found that the wallet contained 87.08 Ethereum (ETH), equivalent to approximately $298,972 at the time of reporting.

This amount is equivalent to approximately $298,972 at the time of writing. Additionally, the scammer holds other tokens and coins, including $25,375 worth of OPSEC, $9,642 worth of PEPE, and $4,207 worth of Ethena (ENA).

Although the notorious cyber phishing organization Angel Drainer is suspected of orchestrating this ongoing attack against Etherscan users, concrete evidence about the perpetrators remains elusive.

The modus operandi of the wallet drainer scam involves enticing users to counterfeit websites and prompting them to link their crypto wallets. Once linked, scammers can siphon off funds into their personal wallet addresses without requiring user authentication or permission.

Chief Information Security Officer 23pds from blockchain security firm SlowMist emphasized the warning, advising users to exercise caution due to the presence of phishing ads on Etherscan.

Phishing Attacks on Crypto Users Lead to $300 Million in Losses in 2023, Reports Scam Sniffer

Phishing attacks pose a significant threat to crypto users, with nearly $300 million stolen from over 324,000 victims through wallet drainers in 2023 alone, according to Scam Sniffer.

According to Scam Sniffer data, phishing attacks scammed around 97,000 crypto users of $104 million in the first few months of this year. Losses were $55 million in January, with $46.8 million coming in February.

Ethereum users suffered the most damage, losing $78 million in assets, including ETH and ERC20 tokens, according to a breakdown of the attacks. The primary tactic used by cybercriminals was to trick victims into signing harmful phishing signatures like “Uniswap Permit2” and “increaseAllowance,” which allowed the malicious players to acquire unauthorized access to their victims’ cash.

“Most of the thefts of all ERC20 tokens were due to assets being stolen as a result of signing phishing signatures such as Permit, IncreaseAllowance, and Uniswap Permit2,” Sniffer explained in a statement.

Also, Scam Sniffer discovered that the majority of victims were duped by false comments on social media platforms, particularly X. The attackers frequently pose as respectable cryptocurrency organizations to attract unwary people to phishing sites where their digital assets are stolen.

Despite efforts to shut down such scams, Scam Sniffer notes that “phishing gangs” often relocate their operations to different platforms, indicating a persistent challenge in combating fraudulent activities in the crypto space.

More Articles

Altcoin News
Deutsche Bank Joins Boerse Stuttgart-Owned Bison as Banking Partner
Veronika Rinecker
Veronika Rinecker
2025-01-14 16:37:13
Features
Excessive Crypto Taxes May Trigger Talent Exodus from EU, Expert Warns
Hassan Shittu
Hassan Shittu
2025-01-14 11:10:37
Crypto News in numbers
editors
Authors List + 66 More
2M+
Active Monthly Users Around the World
250+
Guides and Reviews Articles
8
Years on the Market
70
International Team Authors