A massive phishing approach has been discovered, which targets users of the popular Ethereum blockchain explorer Etherscan with false adverts. This advertising, which appears on Etherscan and other platforms, attempts to trick users into connecting their Bitcoin wallets to fraudulent websites, resulting in the theft of their assets.
The discovery of this phishing scheme was initially made by McBiblets, a member of the crypto community X, who identified multiple ads on Etherscan as malicious attempts to drain wallets. Initial analysis indicates that these ads redirect users to phishing websites designed to steal their cryptocurrency. Further investigations by the Web3 anti-scam platform Scam Sniffer revealed that these deceptive advertisements had spread beyond Etherscan, appearing on popular search engines like Google, Bing, and DuckDuckGo, as well as on the social media platform X.
Scam Sniffer pointed out that Etherscan aggregates ads from platforms like Coinzilla and Persona, where insufficient filtering could result in exposure to phishing attempts. The “wallet drainer” scam functions by enticing users to connect their crypto wallets to fake websites, giving scammers the ability to withdraw funds into their own wallets without needing user authentication or permission. This underscores the potential lack of oversight from advertisement aggregators as a contributing factor to the widespread nature of the phishing campaign.
SlowMist CISO (chief information security officer) 23pds, who operates under a pseudonym, also warned against the phishing ads on Etherscan, advising users to be vigilant against such scams.
Although the infamous cyber phishing organization Angel Drainer is suspected of orchestrating this ongoing phishing campaign, concrete evidence regarding the scammers’ identity remains elusive at present.
The size and impact of crypto phishing scams have been enormous, with approximately $300 million taken from over 324,000 victims by wallet drainers in 2023 alone. Scam Sniffer’s research further emphasizes the tenacity of these “phishing gangs,” stating that even when drainers are shut down, scammers frequently transfer their operations to other platforms that continue to provide services for their illegal activities.
