News

Crypto users lose $580k in scams linked to web3 firms, details here

The affected companies took immediate steps to pacify their user base. 

Published

on

  • Users were tricked into clicking malicious links to wallet drainer sites.
  • The root cause of the issue was hacking of email service provider Mailer Lite.

The crypto market came under the target of a coordinated phishing attack on 23rd January, resulting in losses of more than $580,000.

This is what happened

According to on-chain sleuth ZachXBT, emails mimicking popular Web3 companies like CoinTelegraph, Token Terminal, and Wallet Connect were sent to unsuspecting users.

The mails, which seemingly came from official addresses of the aforementioned companies, tricked users into clicking “airdrop claim” links, which were nothing but links to wallet drainer sites.

The snippets attached in ZachXBT’s post showed how hackers used sophisticated techniques to imitate the original mail template of the companies.

Source: ZachXBT

ZachXBT flagged the address to which the stolen amount has been transferred to.

Email marketing platform gets hacked

Further instigation by Web3 security firm Blockaid revealed that the root cause of the issue was hacking of email service provider Mailer Lite.

A vulnerability allowed hackers unauthorized access to Mailer Lite’s system. After this, they impersonated user accounts of popular crypto-linked companies.

Blockaid also noted,

“Attackers took advantage of the fact that Mailer Lite had previously been given permission to send email on behalf of these site’s domains, enabling them to craft emails that seemed to be coming from these organizations.”

Words of assurance

The affected companies whose addresses were fraudulently used, took immediate steps to pacify their user base.

Token Terminal stated that they had disconnected their domain from Mailer Lite. The firm also deleted all subscriber information to avoid further troubles.

WalletConnect also assured its users that they were instigating the issue further and urged them not to interact with the airdrop claim email.

All that glitters is not gold

AMBCrypto previously reported about the alarming increase in the number of phishing websites every month. This was also in line with the steady growth of wallet drainer services.

Airdrops were increasingly being used as a weapon to wipe out crypto funds. Such cases require extra prudence from the users, and it’s always advisable to research before jumping on the offer.