In a recent phishing crypto scam, scammers have successfully stolen over $580,000 from individuals by exploiting major Web3 companies’ email addresses. Notable victims include Cointelegraph, WalletConnect, and Token Terminal.
Cryptocurrency investigator ZachXBT highlighted a multichain address on his X account, indicating that over $580,000 in stolen cryptocurrency has been amassed since the phishing emails began circulating.
The address comprises 280 different cryptocurrency tokens, with 86% of the portfolio being Ether, totaling 227 ETH at the time of this report.
Others in the crypto community confirmed that they also received such emails.
WalletConnect Issues Warning to Users About Phishing Crypto Scam
WalletConnect issued a warning to users on social media platforms, informing them about phishing emails containing malicious airdrop links.
COO Jess Houlgrave confirmed that the attackers used the company’s actual email address for these phishing attempts and stated that WalletConnect is actively collaborating with MailerLite to address the situation.
Web3 SocialFi and De.Fi users are also falling victim to phishing crypto scam with emails that promote a launchpad launch, accompanied by an airdrop link. Additionally, a fake Token Terminal beta launch was announced, encouraging users to claim a fictitious airdrop.
Insights from Web3 security firm Blockaid suggest that the attackers employed the Angel Drainer wallet-draining software, previously associated with the high-profile Ledger Connect Kit attack in December 2023.
The crypto community is urged to exercise caution and verify the authenticity of emails from major Web3 companies during this ongoing security incident.