Sony-launched blockchain Soneium spoofed on Google to scam unsuspecting users.
According to blockchain security firm Scam Sniffer, a fake Soneium website lingered on Google search results as an advertisement to scam unsuspecting users. While it does not show up anymore, a misspelling of Soneium— “Someium” —displayed the advertisement at the top of the results.
“Searched for Soneium on Google, clicked a phishing ad,” Scam Sniffer posted on X on October 22. “After connecting your wallet and signing a phishing signature, your assets disappeared.”
Source: Scam Sniffer
“Phishing always happens when you’re not paying attention, even if you mistakenly spell ‘soneium’ as ‘someium,’” it added in a comment. The domain looked identical to the original website, which could fool anyone not looking closely enough. However, upon clicking, users ended up on a landing page resembling an unfinished radiology service out of Britain.
Users still connecting their wallets to this website would have had their assets emptied as it functioned as a crypto drainer. Crypto drainers, often used in crypto phishing attacks, get users to connect their wallets. Upon doing so, they also give the drainers the required permissions to grab all the assets held in their storage solutions, like MetaMask.
Since such websites are hard to distinguish from authentic ones, they fly under Google’s radar to stay up and successfully exploit users until the platform receives complaints about illicit activity.
Soneium is a layer-2 Ethereum network launched by the Japanese conglomerate Sony in partnership with Startale Labs, a Web3 infrastructure developer. While the mainnet is not out yet, Soneium’s testnet went live in August.
Phishing Scams Wreak Havoc on Crypto Users
Last month, Scam Sniffer mentioned that $127 million in crypto assets were lost to phishing attacks in the third quarter of 2024. September alone accounted for $46 million scammed from users. A September 28 attack contributed to the biggest hack that month, as a user lost $38 million in spWETH tokens to a phishing attack.
CertiK reported that Ethereum users lost the most compared to those using other chains in Q3. Out of the $753 million stolen in the quarter across crypto-related crime verticals, Ethereum wallets and dApps saw $387 million worth of assets grabbed by cybercriminals. Polygon, BNB Chain, and Optimism trailed far behind Ethereum in terms of the amounts siphoned away.
“The third quarter of 2024 saw a decline in the total number of hacks, but an approximate 9.5% increase in total value lost,” CertiK mentioned.
