Fund theft through phishing has resurfaced, following reports of $600,000 in investor funds lost to phishing via email.
This news comes in the wake of the compromise of an email marketing platform called Mailer Lite by unknown actors, who seized control of the email addresses of several prominent crypto companies to deceive users through fake airdrop announcements and additional verifications.
Increase in Crypto Wallet Phishing via Email!
This intrusion was discovered by BlockAid, which identified that approximately $600,000 in customer funds was successfully stolen by hackers using phishing mechanisms. They achieved this by sending fake links to crypto wallet phishing sites.
The hackers exploited a ‘dangling DNS’ weakness, in which DNS records still allowed Mailer Lite to send emails on behalf of affiliated companies from those companies' own email addresses.
As a result, the attackers took control of several email addresses belonging to major crypto companies and used them to send fake emails that relied on wallet drainer mechanisms.
A wallet drainer is a method in which thieves use fake links to request confirmation of unclear transactions from the wallet owner, giving them an opportunity to drain the entire balance from the wallet.
One of the tools used is Angel Drainer, in which the thief shows a confirmation pop-up disguised as an airdrop approval that instead steals the contents of the connected wallet.
According to a report by ZachXBT, a renowned analyst in the crypto Twitter world, some of the compromised company email addresses include Cointelegraph, Wallet Connect, Token Terminal, and a crypto analysis and antivirus platform called De.Fi.
Users received emails directly from these company email addresses, which made the messages appear highly trustworthy. Emails from the four addresses invited users to claim an airdrop by pressing the “claim now” button as if it were a genuine reward. Because official email addresses were used, many users were deceived, resulting in a loss of $600,000.
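For domain owners, the ‘dangling DNS’ condition described above can be audited by comparing the mail-sending delegations in a zone (SPF includes and DKIM CNAMEs) against the providers where an account is still held. The Python below is an added example, not code from the original article or from any company named in it; the zone records, provider domains and account inventory are constructed placeholders and assumptions.

```python
import re

# Constructed zone snapshot (name, type, value); every name is a placeholder.
ZONE = [
    ("example.com", "TXT", "v=spf1 include:_spf.esp-current.example include:_spf.esp-old.example ~all"),
    ("news._domainkey.example.com", "CNAME", "news.dkim.esp-old.example."),
    ("mail._domainkey.example.com", "CNAME", "mail.dkim.esp-current.example."),
    ("promo._domainkey.example.com", "CNAME", "promo.dkim.esp-unlisted.example."),
    ("www.example.com", "CNAME", "cdn.hosting.example."),
]
# Assumption: providers the organisation has ever authorised, and the subset
# where it still holds a live account.
KNOWN_PROVIDERS = {"esp-current.example", "esp-old.example"}
ACTIVE_PROVIDERS = {"esp-current.example"}

def provider_of(hostname, providers):
    """Return the provider domain that hostname falls under, or None."""
    host = hostname.rstrip(".").lower()
    for provider in sorted(providers):
        if host == provider or host.endswith("." + provider):
            return provider
    return None

def sending_delegations(zone):
    """Yield (record name, mechanism, target) for SPF includes and DKIM CNAMEs."""
    for name, rtype, value in zone:
        if rtype == "TXT" and value.lower().startswith("v=spf1"):
            for match in re.finditer(r"(?:include:|redirect=)(\S+)", value, re.I):
                yield name, "spf", match.group(1)
        elif rtype == "CNAME" and "._domainkey." in name.lower():
            yield name, "dkim", value

def dangling_delegations(zone, known, active):
    """List delegations whose target provider has no live account behind it."""
    findings = []
    for name, mechanism, target in sending_delegations(zone):
        provider = provider_of(target, known)
        if provider is None:
            findings.append((name, mechanism, target, "provider not in inventory"))
        elif provider not in active:
            findings.append((name, mechanism, target, "no active account"))
    return findings

if __name__ == "__main__":
    for finding in dangling_delegations(ZONE, KNOWN_PROVIDERS, ACTIVE_PROVIDERS):
        print(*finding, sep="\t")
```

Each finding is a record to remove or re-verify with the provider; the web CNAME is ignored because it grants no mail-sending authority.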
Beware of Scams in the Airdrop Era
According to discussions among several on-chain analysts on Twitter, Mailer Lite currently has connections with other crypto company email addresses that have not been publicly detected.
As of now, Mailer Lite has not provided confirmation or clarification regarding this breach, creating a strong sense of uncertainty and suspicion surrounding emails from crypto companies.
Therefore, investors are advised to remain vigilant when receiving emails inviting them to claim free airdrops, as these invitations are likely to be scams.
This is a clever move by the hackers, considering the ongoing airdrop season where various blockchains actively promote airdrops to attract users to their ecosystems.
According to data from several airdrop information sites, there is currently information about more than 10 airdrops per day, supporting the statement that the airdrop season continues to thrive despite the volatile market conditions.
However, it’s crucial to note that, generally, airdrops require investors to perform various tasks, especially for airdrops related to crypto application platforms. Users are usually required to use the crypto platform before earning points that will be considered as potential rewards in the form of airdrops.
The availability of airdrops that can be claimed immediately has dwindled. Therefore, if investors receive such information, especially in email form, caution is advised, and they should not hastily click on links.
Typically, during corrections following high price appreciations, the crypto market faces significant phishing attacks. Hence, for now, investors, especially those using hot wallets, are encouraged to exercise caution and diligence when confirming any crypto-related transaction.