comprehensivelycrypto-phishing-scams-drain-300-million-from-320000-users/” target=”_blank” rel=”noopener nofollow”> annual report published by web3 security firm Scam Sniffer, alarming statistics highlight the growing threat of phishing scams in the crypto industry. According to the report, these scams resulted in the theft of approximately $300 million in cryptocurrency.
Rising Tide of Sophisticated crypto Scams
According to the report, phishing activities have increased throughout the year, with scammers increasingly employing “sophisticated tactics” to evade security measures. In particular, Scam Sniffer identified a type of malware called “Wallet drainers”, which has gained significant momentum and posed a serious risk over the past year.
This malware is deployed on phishing websites, tricking users into signing malicious transactions and subsequently siphoning assets from their cryptocurrency wallets.
The report notes that the impact of these phishing activities has been devastating and has affected common users in various forms and causing substantial financial losses. Scam Sniffer tracking revealed that Wallet Drainers stole nearly $295 million in assets from approximately 324,000 victims in 2023.
One particularly alarming incident occurred on March 11, with nearly seven million dollars stolen in a single day. Victims found phishing websites posing as Circle, and the theft was mainly attributed to fluctuations in USDC rates.
Scam Sniffer's findings also revealed notable thefts around March 24, coinciding with the Arbitrum Discord hack. Interestingly, the report highlights that each theft spike was associated with events related to the group, such as airdrops or hacking incidents.
The report also identifies prominent Wallet Drainers, including Inferno Drainer, MS Drainer, Angel Drainer, Monkey Drainer, Venom Drainer, Pink Drainer, and Pussy Drainer, each of which are responsible for significant financial losses and victim counts.
Discord, airdrops and paid traffic to steal cryptocurrencies
The report further emphasized the “ever-evolving nature” of these phishing operations. After ZachXBT exposed Monkey Drainer, his departure was announced after six months of activity.
Venom Drainer subsequently took over a significant portion of their “clientele.” Following Venom's termination of service in April, other phishing gangs looked for alternative suppliers.
Furthermore, the scale and speed of these attacks have increased significantly. For example, Monkey Drainer spent $16 million in six months, while Hell's wringer He substantially exceeded this figure, looting a staggering $81 million in just nine months. With a 20% drain fee, these malicious actors made at least $47 million from selling wallet drain services.
Phishing sites acquire traffic through various methods, including hacking official Discord and X project accounts (formerly Twitter), attacks on official project interfaces or libraries used, and airdrops of non-fungible tokens (nft).
While the community typically responds quickly to hacking attacks, other methods, such as airdrops and organic or paid traffic, can go unnoticed, the report notes.
Scam Sniffer's ongoing efforts to combat these threats involve scanning nearly 12 million URLs and identifying nearly 145,000 malicious URLs.
The company's open source blacklist currently contains nearly 100,000 malicious domains and is actively collaborating with platforms like Chainabuse to expose and mitigate these malicious websites.
Ultimately, Scam Sniffer aims to improve the public's understanding of phishing threats and contribute to a safer web3 ecosystem by raising awareness and sharing information about major theft cases on social media platforms.
Featured image from Shutterstock, chart from TradingView.com
