A phishing scam targeting Etherscan users has been exposed on X, exploiting ads to direct victims to a site that drains their cryptocurrency wallets. The discovery led to an extensive investigation that revealed the presence of more malicious ads across a variety of platforms, including popular search engines. Hacking has also been a problem in the cryptocurrency space, but ParaSwap recently shared its plans to use its vaults to compensate hacking victims. Additionally, the cryptocurrency industry is experiencing several legal and ethical issues, including the IRS’s aggressive tactics toward blockchain investigators.
Phishing ads on Etherscan
A large-scale phishing campaign targeting Etherscan users was recently uncovered. The issue was first discovered on April 8 by an X community member known as McBiblets. McBiblets discovered that certain ads displayed on Etherscan, the Ethereum blockchain explorer, were actually part of a wallet draining scam. After clicking on these malicious ads, users are redirected to phishing websites designed to steal cryptocurrency.
Expanding on McBiblets’ initial findings, Scam Sniffer, a web3 anti-fraud platform, found that these phishing ads were spread not only on Etherscan but also on other known phishing websites. It also found that the ads went beyond the boundaries of the cryptocurrency space, appearing on popular search engines such as Google, Bing, and DuckDuckGo, and on X. Ad aggregators used by Etherscan, such as Coinzilla and Persona, are considered potential causes of this issue.
The mechanism behind the wallet drain scam is simple yet effective. Through these advertisements, users are lured to fake websites and persuaded to link their own cryptocurrency wallet. Fraudsters can then steal funds from the wallet without user authentication or permission. This method has proven to be surprisingly efficient, with approximately $300 million reportedly stolen from more than 324,000 victims through these scams in 2023 alone.
The warning about these phishing ads on Etherscan was issued by blockchain security experts, including SlowMist’s Chief Information Security Officer, 23pds. The exact identity of the scammers behind the campaign has yet to be pinpointed, but many suspect it could be the notorious phishing group Angel Drainer.
What is a phishing scam?
In the cryptocurrency sector, phishing is a sophisticated fraud technique where scammers pose as trusted institutions to trick people into handing over sensitive data, including private keys and personal information. These scams aim to acquire cryptocurrencies illegally, and their frequency and complexity are rapidly increasing, posing significant risks to wallets, exchanges, and ICO (initial coin offering) participants.
Phishing begins with the distribution of counterfeit communications that appear to originate from a reputable source and lure victims with a link to a website carefully crafted to mirror the actual platform. Users who enter their credentials into these fake sites unknowingly give attackers access to their digital funds.
Cryptocurrency phishing uses a variety of strategies and targets different aspects of the digital financial ecosystem. Spear phishing targets specific individuals or organizations and leverages specific information about the victim to increase the credibility of the attack. Whaling attacks expand on this concept by focusing their efforts on high-ranking officials within a company and, if successful, can potentially compromise the entire organizational network. Clone phishing involves duplicating legitimate emails with altered links or attachments with malicious intent, exploiting the recipient’s familiarity and trust in the sender. Pharming is a more technically insidious approach that involves manipulating DNS entries to redirect users from legitimate sites to fraudulent clones without their knowledge.
Meanwhile, other phishing scams include evil twin attacks, which create fake Wi-Fi networks to harvest credentials; voice phishing (vishing), which extracts sensitive information under false pretenses through phone calls; and SMS phishing (smishing), which uses text messages to trick victims into clicking on malicious links.
Another sophisticated tactic, DNS hijacking, involves altering DNS entries to trick users into visiting scammer websites. The emergence of phishing bots has allowed cybercriminals to automate and scale these fraudulent practices, expanding their reach across the digital domain. Additionally, the distribution of fake browser extensions poses a direct threat to user privacy and security, as they pretend to be legitimate tools while secretly stealing data and redirecting users to fraudulent sites.
Among the newer phishing methods are ice phishing attacks, in which attackers trick victims into signing a transaction that unwittingly transfers control of tokens, and crypto malware that encrypts user data for a ransom and is often propagated through malicious downloads or links.
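To make the ice phishing case concrete from the defender's side, the following added example (not part of the original article) decodes the calldata of a transaction before it is signed and flags calls that hand control of tokens to another address. The selectors are those of the standard ERC-20, ERC-721 and ERC-1155 approval functions; the function name, the allowlist parameter and the sample addresses are assumptions constructed for illustration.

```python
MAX_UINT256 = 2**256 - 1

# 4-byte selectors of standard functions that give another address control of tokens.
APPROVAL_SELECTORS = {
    "095ea7b3": "approve(address,uint256)",            # ERC-20 / ERC-721
    "39509351": "increaseAllowance(address,uint256)",  # common ERC-20 extension
    "a22cb465": "setApprovalForAll(address,bool)",     # ERC-721 / ERC-1155
}

def inspect_calldata(calldata_hex, trusted_spenders=frozenset()):
    """Return None for non-approval calls, else a dict describing the grant."""
    data = calldata_hex.lower()
    if data.startswith("0x"):
        data = data[2:]
    selector = data[:8]
    name = APPROVAL_SELECTORS.get(selector)
    if name is None:
        return None
    args = data[8:]
    if len(args) < 128:
        raise ValueError("approval call with truncated arguments")
    spender = "0x" + args[24:64]      # address is right-aligned in a 32-byte word
    value = int(args[64:128], 16)     # amount, token id, or bool
    findings = []
    if value != 0:                    # amount 0 / false is a revocation, not a grant
        if spender not in {s.lower() for s in trusted_spenders}:
            findings.append("spender not in allowlist")
        if selector == "a22cb465":
            findings.append("operator gains control of every token in the collection")
        elif value == MAX_UINT256:
            findings.append("unlimited allowance")
    return {"function": name, "spender": spender, "value": value, "findings": findings}

# Constructed sample inputs (placeholder addresses, not real contracts).
SPENDER = "0x" + "11" * 20
_ADDR_WORD = SPENDER[2:].rjust(64, "0")
UNLIMITED_APPROVE = "0x095ea7b3" + _ADDR_WORD + "f" * 64
APPROVE_ALL = "0xa22cb465" + _ADDR_WORD + "1".rjust(64, "0")
REVOKE = "0x095ea7b3" + _ADDR_WORD + "0" * 64
PLAIN_TRANSFER = "0xa9059cbb" + _ADDR_WORD + "1".rjust(64, "0")

if __name__ == "__main__":
    for sample in (UNLIMITED_APPROVE, APPROVE_ALL, REVOKE, PLAIN_TRANSFER):
        print(inspect_calldata(sample))
```

A wallet or monitoring tool would run a check of this kind on the transaction a site asks the user to sign, before the signature is given.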
ParaSwap Takes Action
Hacking has also become a scourge in the cryptocurrency industry, but leading DeFi aggregator ParaSwap has decided to use its own funds to compensate victims of recent hacks. This decision came after the ParaSwap decentralized autonomous organization (DAO) offered refunds to victims of the AugustusV6 contract vulnerability. The proposal received overwhelming support from the community, with 96.81% of voters supporting the compensation plan.
The AugustusV6 contract was briefly introduced on March 18 with the intention of increasing swap efficiency and lowering gas fees for users. Unfortunately, it contained a major flaw that could have allowed hackers to steal funds from users who approved the upgrade. A quick contract withdrawal prevented a potential loss of $3.4 million in assets, but still resulted in a loss of approximately $864,000.
ParaSwap took immediate action by working with blockchain analytics and security companies Chainalysis and TRM Labs. This was primarily to identify the hacker’s address and track stolen funds. The scheme was partially successful, recovering approximately $500,000 worth of assets. The remaining losses and costs associated with resolving vulnerabilities, including refunds, security analysis, contract re-audit, and communication with authorities, will be borne by the ParaSwap Foundation.
This move to provide full refunds to affected users follows the March blockchain domain hack, in which nearly $100 million worth of digital assets were stolen from various platforms. Fortunately, according to blockchain security company PeckShield, 52.8% of stolen funds were recovered.
Fine line
Cryptocurrency crime has grown to a point where even those trying to help are overwhelmed by the scale of the problem. In a detailed post, blockchain investigator ZachXBT recently expressed concerns about the aggressive tactics the Internal Revenue Service’s (IRS) Criminal Investigation Unit (CIU) uses to gain expertise in blockchain investigations.
These claims surfaced as ZachXBT acknowledged his commitment to assisting victims and law enforcement in solving blockchain-related crimes. But the investigator’s discomfort with the IRS’s approach was exacerbated by an email from an IRS special agent shared in the post. The agent praised ZachXBT’s proficiency in using blockchain tracking tools and expressed a desire to learn from him to increase the impact of law enforcement efforts in the cryptocurrency and cyber sectors. Despite the praise, ZachXBT criticized the IRS’s contact method as a blatant disregard for professionalism.
However, ZachXBT recently declined to support holders of the SIMPLE meme coin after its abrupt discontinuation by the developers on April 4. ZachXBT justified his decision by expressing his reluctance to invest his time in people who recklessly invest in untrustworthy meme coins rather than true victims.
While the IRS has shown some interest in making blockchain technology more secure, ZachXBT’s experience raises questions about the balance between meeting law enforcement’s knowledge needs for navigating the complex world of cryptocurrency and respecting the personal boundaries and professional ethics of those seeking help.
Digital rights at stake
On the other hand, others believe that those trying to help may actually be harming the digital asset sector. Representatives of three prominent US-based cryptocurrency advocacy groups have come forward to support Tornado Cash co-founder Roman Storm as he fights a serious legal battle. On April 5, the Blockchain Association, Coin Center, and DeFi Education Fund submitted filings in the U.S. District Court for the Southern District of New York. These organizations presented arguments for dismissing the charges against Storm and challenged the notion that Tornado Cash, a crypto mixer, controlled funds or messages transmitted by users through the platform.
Advocacy groups pointed out several key issues in a separate filing. They specifically noted that the felony counts facing Storm not only misunderstand Tornado Cash’s operations but also raise significant First Amendment concerns. Specifically, they argue that the sanctions violations and money laundering allegations misunderstand the fundamental dynamics between smart contract protocols and developers.
Marisa Coppel, head of legal affairs at the Blockchain Association, also shared concerns about the broader implications of the government’s adoption of its legal position. She believes that such a view threatens not only the digital asset industry, but the fintech sector as a whole. The association urged the court to accept the government’s burden of proof and dismiss the charges it deemed unfounded to protect the rights of defendants and the integrity of the digital asset sector.
This legal challenge follows the U.S. Department of Justice announcing charges against Storm and co-developer Roman Semenov in August 2023. Storm has pleaded not guilty and is currently being held on $2 million bail with travel restrictions. Semenov’s location is not yet known and Storm’s trial is scheduled for September.
The lawsuit against Tornado Cash has extended beyond U.S. borders. Developer Alexey Pertsev was arrested in the Netherlands in August 2022 on charges of helping a North Korean hacking group launder about $1 billion through a cryptocurrency mixer. Pertsev was released after about nine months in detention.
The controversy surrounding Tornado Cash grew after the U.S. Treasury Department’s Office of Foreign Assets Control decided to list cryptocurrency addresses associated with Tornado Cash as Specially Designated Nationals. This led cryptocurrency supporters to file a lawsuit against the U.S. Treasury. This legal battle is ongoing, with both cases awaiting the outcome of the appellate process after initial losses on motions for summary judgment.