From Discord Drops To Malware Drains, $295M Stolen In 145K Scams Throughout 2023

by Murtuza Merchant, Benzinga Staff Writer
January 3, 2024 12:35 PM | 2 min read | Make a Comment
Zinger Key Points
  • Phishing scammers increasingly use varied methods, causing substantial financial losses to unsuspecting cryptocurrency wallet users.
  • Scammers employ hacking, airdrops, and paid advertising to lure victims to malicious phishing sites.

2023 saw a dramatic rise in cryptocurrency phishing scams.
A staggering $295 million was stolen from roughly 324,000 victims, according to a report by Scam Sniffer.

Wallet drainers, malicious software on phishing sites, have been particularly effective, tricking users into signing malicious transactions and draining assets from their cryptocurrency wallets. These attacks have become increasingly varied and sophisticated, causing significant financial damage to many.

A notable spike in theft occurred on March 11, with almost $7 million stolen due to USDC rate fluctuations and phishing sites impersonating Circle.

Another significant wave of theft was observed around March 24, coinciding with the hacking of Arbitrum’s Discord.

The report lists several prominent Wallet Drainers, including Inferno Drainer ($81 million), MS Drainer ($59 million), and Angel Drainer ($20 million), among others. The departure of some Drainers, like Monkey Drainer, led to others like Venom Drainer taking over their clientele. The scale of theft has been rapidly escalating, with Inferno Drainer looting $81 million in just nine months.

Phishing sites are gaining traffic through various means, including hacking attacks on official Discord and Twitter accounts, attacks on project front-ends, airdrops and paid advertising through Google and Twitter ads. Personal private message phishing has also become more prevalent.

Also Read: Bitcoin Plummets Over 9% On Pessimistic ETF Report: 'We Expect The SEC To Reject All Proposals In January'

Victims and Phishing Signatures

The report details the 13 most severe theft cases, with cumulative losses of $50 million. These cases highlight common phishing signatures like Permit, Permit2, Approve, and Increase Allowance, targeting different types of assets.

Scammers are increasingly employing smart contracts for efficient asset transfers, using methods like multicall, CREATE2, and CREATE to bypass security checks and make asset transfer destinations unknown until signing.

There has been a steady increase in the number of phishing websites, with many using services like Cloudflare to hide their actual server addresses. Scam Sniffer has scanned nearly 12 million URLs, discovering almost 145,000 malicious URLs and adding nearly 100,000 malicious domains to their open-source blacklist.

Read Next: China Targets Cryptocurrency In Fight Against Corruption: Focus On Cold Storage, Virtual Currencies

Image: Pixabay

Market News and Data brought to you by Benzinga APIs

© 2024 Benzinga.com. Benzinga does not provide investment advice. All rights reserved.

Posted In: CryptocurrencyNewsMarketsStories That Matter
Benzinga simplifies the market for smarter investing

Trade confidently with insights and alerts from analyst ratings, free reports and breaking news that affects the stocks you care about.

Join Now: Free!