Phishing attacks accelerated in 2024, cost $800M year-to-date

Source Cryptopolitan

Phishing attacks did not abate in 2024 and were especially consistent in the past three months. Certik tallies up the losses at $800M for the year to date. 

Attacks through malicious links led to a record number of major incidents. According to Certik, phishing attacks in the year to date led to $800M in losses. The value of the attacks rose additionally as the crypto market appreciated. A total of 26 significant attacks happened in October, and so far seven by the middle of November. 

Some of the phishing and address poisoning attacks manage to target the occasional large-scale wallet, leading to deeper losses. However, the attack’s model relies on wide distribution and producing as many attacks to wallets as possible. Scams with fake copied addresses happen almost daily and sometimes drain significant personal holdings. In a recent case, the poisoned address spoofed the legitimate wallet of a centralized exchange. 

A more sophisticated form of wallet draining features a test attack. Recently, another address lost over $110K, when a malicious wallet spoofed the original transaction by introducing its own address. The scammer’s wallet even passed the test transaction test, before the user was convinced to send the entire sum. 

Another user lost $220K by being convinced to click on a malicious link and give permission to connect with the wallet-draining smart contract. The wallet recipient has already been labeled among the growing list of fake phishing wallets. As with other similar exploits, scammers still rely on Tornado Cash to cover their tracks.

Most of the attacks focused on the Ethereum and Solana ecosystem, with much fewer BTC losses. The habitual interaction with multiple protocols for Web3, NFT, or meme tokens, made users more likely to sign permissions and trust prompts to connect their wallet. Multi-asset wallets are also vulnerable, which is one of the main sources of BTC losses. 

Web3 still faces ‘ice fishing’ attacks

Certik noted that Web3 projects are especially vulnerable to so-called ‘ice fishing’ techniques. Ice fishing uses faked links, spoofed sites, or more creative tools to insert a link. The links call for a wallet approval and issue an approval transaction. 

Later, the malicious attacker can initiate a transaction once the wallet is opened. Until permission is revoked, the wallet connected to a phishing link remains vulnerable. Certik warns users to check their wallet approvals through a legitimate tool, and not through third-party links. Etherscan’s token approval protocol can help revoke suspicious links. 

Decentralized exchanges and lending protocols are the most widely attacked and spoofed apps. More than $200M so far has been spoofed by scammers in connection with DEX activity

Certik excludes wallet scams from other exploits. Big hacks and attacks were more rare in October, but wallet scams remained at their usual elevated level both in terms of raw numbers and funds taken. 

Certik proposes using vanity addresses

One of the ways to create a more recognizable address is to create a vanity string. The tools to generate wallets rely on multiple attempts until they produce the right address with the desired number string. 

Vanity addresses can also be spoofed, but the chance is lower. Certik has also noticed that some spoof wallets generate vanity addresses with a preferred string of characters in the middle. 

Other widely used services like the 1Inch DEX aggregator have generated an easily recognizable vanity address to make deposits easier. Over time, scammer addresses grew to a total of 269,705, following community reporting. Pink Drainer remains one of the biggest recipients of user funds, but new addresses with smaller hausl are added all the time. 

Risky addresses often gain a label as Fake Phishing, but only after being reported multiple times. Other flagged addresses contain zero-sum transactions. To bypass the flagging of zero-value tokens, scammers will also send a legitimate amount of USDT. The scam still hinges on the end user copying the addresses from the transaction history.

Disclaimer: For information purposes only. Past performance is not indicative of future results.
placeholder
AUD/USD: Current price action is likely the early stages of a recovery – UOB GroupAustralian Dollar (AUD) is likely to trade in a sideways range between 0.6220 and 0.6290. In the longer run, current price action is likely the early stages of a recovery phase that could potentially reach 0.6350, UOB Group’s FX analysts Quek Ser Leang and Lee Sue Ann note.
Author  FXStreet
Jan 22, Wed
Australian Dollar (AUD) is likely to trade in a sideways range between 0.6220 and 0.6290. In the longer run, current price action is likely the early stages of a recovery phase that could potentially reach 0.6350, UOB Group’s FX analysts Quek Ser Leang and Lee Sue Ann note.
placeholder
U.S. March Nonfarm Payroll Preview: Even If Data Aligns with Expectations, Financial Markets May Not Escape the Fate of VolatilityOn 4 April 2025, the United States will release its March Nonfarm Payrolls (NFP) data. The market consensus currently anticipates job growth of 128,000, a decline from February’s 151,000 (Figure 1). W
Author  TradingKey
Apr 02, Wed
On 4 April 2025, the United States will release its March Nonfarm Payrolls (NFP) data. The market consensus currently anticipates job growth of 128,000, a decline from February’s 151,000 (Figure 1). W
placeholder
Five bullish Shiba Inu (SHIB) Price Predictions for April 2025SHIB price targets diverge as investors weigh Shibarium L3 upgrades, burn-rate surges, and altcoin market sentiment. Forecasts range from a conservative $0.000012 to a parabolic $0.00030.
Author  FXStreet
Apr 16, Wed
SHIB price targets diverge as investors weigh Shibarium L3 upgrades, burn-rate surges, and altcoin market sentiment. Forecasts range from a conservative $0.000012 to a parabolic $0.00030.
placeholder
Gold price slides back closer to $3,300 amid tariff deals optimismGold price (XAU/USD) struggles to capitalize on the previous day's bounce from the vicinity of the $3,265-3,260 pivotal support and attracts fresh sellers during the Asian session on Tuesday.
Author  FXStreet
Yesterday 07: 31
Gold price (XAU/USD) struggles to capitalize on the previous day's bounce from the vicinity of the $3,265-3,260 pivotal support and attracts fresh sellers during the Asian session on Tuesday.
placeholder
Gold Price Forecast: XAU/USD drifts lower to near $3,310 ahead of key US data releases The Gold price (XAU/USD) extends the decline to near $3,315 during the early Asian session on Wednesday. The precious metal edges lower amid easing trade tensions and better risk sentiment in global markets.
Author  FXStreet
8 hours ago
The Gold price (XAU/USD) extends the decline to near $3,315 during the early Asian session on Wednesday. The precious metal edges lower amid easing trade tensions and better risk sentiment in global markets.
goTop
quote