Phishing scammers have devised a cunning scheme to deceive unsuspecting readers by cloning the websites of two prominent crypto platforms, Blockworks and Etherscan.
Their nefarious plot aims to trick individuals into connecting their crypto wallets to a fraudulent source, ultimately resulting in the theft of their digital assets.
The counterfeit Blockworks website took a deceptive approach by displaying a fabricated “BREAKING” news report regarding a supposed multimillion-dollar “approvals exploit” on the decentralized exchange Uniswap.
Users were lured into visiting a counterfeit Etherscan website under the pretense of rescinding approvals related to this purported incident.
This fake news article was disseminated on Reddit through compromised accounts within various crypto-related subreddits, amplifying its reach and potential victims.
The imposter Etherscan website, masked as a token and smart contract approval checker, concealed a treacherous trap: a wallet-draining mechanism.
Beosin, a reputable blockchain security firm, conducted an examination of the drainer’s smart contract.
They discovered that the attacker’s objective was to siphon off wallets holding a minimum of 0.1 Ether, equivalent to $180.
READ MORE: FTX Pursues Investigation into $6.5 Million Payments to AI Safety Nonprofit CAIS Amid Bankruptcy
However, the drainer had a critical flaw; it failed to initiate any phishing transaction after a wallet was connected, undermining its malicious intent.
A closer examination of the fraudulent domains revealed that the sham Etherscan site, approvalscan.io, was registered on October 25th, while the counterfeit Blockworks site, blockworks.media, was registered just a day later.
This quick domain registration turnaround showcased the scammers’ urgency in launching their deceitful campaign.
In an October 25th tweet, Web3’s anti-scam platform, Scam Sniffer, exposed another instance of scammers deploying a wallet-draining mechanism on a cloned website imitating the crypto news outlet Decrypt.
Intriguingly, Scam Sniffer clarified that the phony Blockworks and Decrypt sites were operated by distinct groups of scammers, adding a layer of complexity to their fraudulent operations.
As phishing scams continue to evolve in sophistication, it is essential for users in the crypto space to exercise utmost caution and verify the authenticity of websites and information sources before connecting their wallets or engaging in any transactions.
Vigilance remains the best defense against these cunning cybercriminals seeking to exploit the crypto community’s trust.
Discover the Crypto Intelligence Blockchain Council
