User Loses $32 Million in spWETH Following Sophisticated Phishing Attack

On September 27, a wallet with the address ending in “e57” fell victim to an advanced phishing attack, resulting in the loss of 12,083 Spark Wrapped Ethereum (spWETH) tokens, worth $32 million.

According to crypto security firm CertiK, the majority of the stolen assets—10,000 spWETH valued at approximately $26 million—was transferred to a wallet starting with "0x471c." The funds were later distributed across four additional wallets. Specifically, 1,750 Ether (ETH) was sent to a wallet beginning with “0x105c,” 2,613 ETH to “0x278d,” 3,730 ETH to “0x408d,” and 1,865 ETH to “0xfaf2.”

Arkham Intelligence reported that the compromised wallet may be linked to Shixing Mao, founder of F2Pool, though this information has yet to be confirmed.

Surge in Phishing Attacks in August 2024

Phishing attacks in the crypto space increased by 215% in August 2024. Scam Sniffer's report revealed that losses from phishing schemes that month exceeded $66 million. One victim alone lost $55 million in a proxy ownership phishing scam.

In September 2024, Blockaid reported that the notorious Angel Drainer phishing software had been upgraded to AngelX, which launched over 300 phishing decentralized applications (DApps) in just four days. This new software targets newer blockchain networks such as The Open Network and Tron, giving attackers enhanced tools to create sophisticated phishing schemes.

Search Engines Featuring Malicious Links

A September 11 report from Scam Sniffer highlighted that search engine DuckDuckGo unknowingly displayed fraudulent Etherscan websites. These malicious links trick users into connecting their MetaMask wallets, allowing hackers to gain access to their funds once the connection is made.