DMR News

Advancing Digital Conversations

Impersonation on X Platform Leads to $47 Million Stolen by Crypto Phishers in February

ByDayne Lee

Mar 12, 2024

Impersonation on X Platform Leads to $47 Million Stolen by Crypto Phishers in February

In a recent revelation, fraudulent activities on the social media platform X have been identified as the primary culprits behind over 57,000 individuals falling victim to cryptocurrency phishing scams in February. The Scam Sniffer’s crypto phishing report disclosed that a staggering $46.8 million was siphoned off last month, with a significant number of victims being directed to phishing websites through deceitful comments from fake Twitter accounts.

The Ethereum Mainnet

The Ethereum mainnet emerged as the focal point for these phishing attacks, with 78% of the total thefts occurring within its network. ERC-20 tokens, utilized in a vast majority of transactions on the Ethereum blockchain, constituted 86% of the total assets stolen. According to Scam Sniffer, these thefts primarily resulted from users unwittingly granting permissions through phishing signatures and transaction approvals, including Permit, IncreaseAllowance, and Uniswap Permit2 functionalities.

Evolving Tactics: Wallet Drainers and Account Abstraction

An alarming trend noted in the report is the shift towards utilizing account abstraction wallets by scammers. These wallets, designed for enhanced functionality and smart contract compatibility, are now being exploited as token approval spenders in sophisticated phishing schemes.

Despite the increasing number of phishing victims in February compared to January, there was a notable decrease in the total amount stolen and fewer instances of victims losing over $1 million.

Social Media: A Hunting Ground for Scammers

High-profile social media accounts have become prime targets for crypto phishers, employing tactics ranging from impersonation to outright account hacking to disseminate phishing links. Notably, MicroStrategy’s account on X fell prey to hackers in February, leading to the theft of approximately $440,000 in cryptocurrency. Other prominent names such as Compound Finance, Rocket Pool, Blockchain Capital, and even Ethereum’s co-founder Vitalik Buterin have experienced similar breaches in recent months.

The Rise of Approval Phishing

Crypto scammers are increasingly adopting “approval phishing” as their modus operandi. This method deceives victims into authorizing transactions that grant attackers access to their wallets, subsequently enabling the theft of funds. A report by the United States Federal Bureau of Investigation highlighted Millennials as the demographic most susceptible to such investment fraud.

Summary of February’s Crypto Phishing Trends

AspectDetail
Leading CauseFake accounts on X
VictimsOver 57,000
Total Loss$46.8 million
Main Network AffectedEthereum Mainnet (78% of thefts)
Assets Primarily StolenERC-20 Tokens (86% of all assets stolen)
Common Theft MethodsPermit, IncreaseAllowance, Uniswap Permit2, account abstraction
High-Profile Account HacksMicroStrategy, Compound Finance, Rocket Pool, Blockchain Capital, Vitalik Buterin

Addressing the Threat

The persistence and evolution of crypto phishing schemes underscore the critical need for heightened awareness and security measures among cryptocurrency users and on social media platforms. As scammers continue to refine their strategies, the community must stay vigilant, adopt secure practices, and leverage advanced security features to safeguard their assets against these malicious actors.

February’s report on crypto phishing underscores a growing concern within the digital asset space, with impostors on the X platform leading a significant wave of theft totaling $47 million. The Ethereum mainnet’s prominence as a target and the innovative tactics employed by scammers, such as account abstraction wallet exploitation, highlight the sophisticated nature of these attacks. The incidents serve as a stark reminder of the vulnerabilities present in the cryptocurrency ecosystem and the imperative for continuous education, improved security protocols, and collaborative efforts to mitigate these threats.


Featured image credit: bongkarn via Adobe Stock

Dayne Lee

With a foundation in financial day trading, I transitioned to my current role as an editor, where I prioritize accuracy and reader engagement in our content. I excel in collaborating with writers to ensure top-quality news coverage. This shift from finance to journalism has been both challenging and rewarding, driving my commitment to editorial excellence.