Fraudsters steal over $580,000 in crypto by sending phishing emails through the addresses of major Web3 companies. The victims of the attack were users of WalletConnect, Cointelegraph, De.Fi and Token Terminal.
An anonymous researcher and blockchain security specialist known under the pseudonym ZachXBT reported a large-scale phishing attack. He said scammers sent emails with malicious links and stole ~$580k in crypto.
Scam victims report that the phishing link came within emails from large companies in the Web3 sector, namely:
- CoinTelegraph users received an email with information about the company’s 10th-anniversary celebration and an invitation to participate in an exclusive airdrop for “the most loyal subscribers.”
- WalletConnect users received an invitation to participate in an “extraordinary” airdrop created in collaboration with Web3Inbox;
- phishing links also came with announcing a fake beta launch of Token Terminal’s access and inviting users to participate in an airdrop “exclusively for community members” only;
- users of the antivirus app De.Fi received an email inviting them to join “cutting-edge opportunities” via Launchpad.
According to Cointelegraph, hackers exploited MailerLite, an email marketing service, to access company addresses. Jess Houlgrave, COO at WalletConnect, confirmed that the hackers used the company’s actual address to send the emails. Although the company was not using MailerLite’s services at the time of the attack, the hackers used pre-existing DNS records.
MailerLite is currently investigating the incident. According to Hudson Rock analysts, the hackers gained access to a computer belonging to a company employee. By installing the CRYPTBOT Infostealer malware program, the hackers gained access to MailerLite’s servers. Blockaid analysts said the hackers used the same malware during the Ledger Connect Kit attack in December 2023.
Analysts found that hackers are using messengers Skype or Telegram and Google Ads to distribute phishing links.
Сообщение Hackers Used Large Web3 Companies’ Emails for Phishing появились сначала на CoinsPaid Media.
