Cybercriminals caused $127 million in damages to the crypto ecosystem in this year’s third quarter with phishing scams and more. Ethereum users hit the hardest.
Q3 2024 witnessed $127 million worth of crypto lost to phishing attacks. September accounted for $46 million of the total phishing-related proceeds, with a September 28 attack being the biggest one. The attack led to a user losing $32 million in spWETH tokens “after signing a “permit” phishing signature.”
“In September, around 10K victims lost approximately $46 million to crypto phishing scams,” Scam Sniffer said, adding, “Two major victims accounted for $87 million” across Q3. One user lost their funds by copying a wallet address from their transaction history. The bad actor targeting that user had manipulated their transaction history, leading them to send $1 million to the wrong address controlled by the cybercriminal.
MistTrack, a blockchain tracking and compliance platform, mentioned that most phishing attacks in the crypto space occurred via links posted to X and Google ads. Phishing attacks occur when bad actors convince users to link their wallets to fraudulent platforms, called drainers, or sign transactions to the wrong address.
Attackers often set up traps that are disguised to make users believe they are interacting with credible platforms or transferring funds to the right destinations while pulling the wool over their eyes the entire time. So, users must check the links they interact with, whether on social media or through emails.
Ethereum Holders Brutally Hit, More Value Lost in Q3 Across Crypto Crime Methods
Ethereum users looked to be the most affected by Q3’s phishing exploits, followed by those using Polygon, BNB Chain, and Optimism.
Source: Scam Sniffer
Ethereum users were subjected to similar treatment across crypto-related cybercrime during the July-September stretch, blockchain cybersecurity firm CertiK reported. Out of the $753 million stolen via cybercrime in the period in 155 incidents, Ethereum users lost $387 million through 86 of those.
“The third quarter of 2024 saw a decline in the total number of hacks, but an approximate 9.5% increase in total value lost,” CertiK’s quarterly ‘Hack3d’ report read. “This shift indicates that attacks were, on average, more substantial, underscoring the continued need for stronger security measures across the industry.”
Among the biggest hacks, the most reported $230 million WazirX incident only ranked second. The first was a phishing attack that parted $238 million worth of BTC from a whale. Another phishing incident cost one user $55 million, which took third place.
