By: Isha Das
A phishing attack exploiting vulnerabilities in email service MailerLite has looted over $1.3 million from crypto wallet holders, according to a series of reports. An employee of MailerLite was tricked into providing internal access via a malicious link, enabling the hackers to send convincing scam emails from web3 companies' official addresses.
The companies affected, including Wallet Connect, inadvertently sent out emails inviting users to claim an 'airdrop', which led users to a malicious site hosted on Angel Drainer Group infrastructure. Using this site, thieves were able to drain funds from thousands of wallets. The compromise also affected other entities within the crypto sphere, with CoinTelegraph, Token Terminal, and De.Fi team emails also exploited for the scam.
The phishing operation was sophisticated: the attackers took advantage of pre-existing DNS records associated with MailerLite, previously used by the targeted companies, to carry out the breach. Once inside, they focused solely on cryptocurrency-related accounts for their phishing campaign. An unnamed Reddit user provided analysis of the transactions, revealing that one victim wallet alone had lost 2.64M worth of XB Tokens.
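The article does not say which record types were involved. As an added example (not from the article or from any company it names), the audit below flags zone records that still delegate sending rights or subdomains to an email provider an organisation has stopped using. The zone data, the domain names and the provider suffix `mailer.example` are constructed placeholders.

```python
import re

# Assumption: domain suffixes of third-party senders no longer under contract.
RETIRED_PROVIDERS = ("mailer.example",)  # placeholder, not a real provider

# Constructed zone export (BIND-style lines), for illustration only.
ZONE = """\
example.org.               3600 IN TXT   "v=spf1 include:_spf.mailer.example include:_spf.current.example ~all"
news.example.org.          3600 IN CNAME tracking.mailer.example.
ml._domainkey.example.org. 3600 IN CNAME dkim.mailer.example.
www.example.org.           3600 IN CNAME cdn.current.example.
example.org.               3600 IN MX    10 mx.current.example.
"""

RECORD = re.compile(r"(\S+)\s+\d+\s+IN\s+(\S+)\s+(.*)")
SPF_TERM = re.compile(r'(?:include:|redirect=)([^\s"]+)', re.I)


def _belongs_to(host, suffixes):
    """True if host equals, or is a subdomain of, one of the suffixes."""
    host = host.rstrip(".").lower()
    return any(host == s or host.endswith("." + s) for s in suffixes)


def stale_delegations(zone_text, retired=RETIRED_PROVIDERS):
    """Return (owner, reason, target) for each record naming a retired provider."""
    findings = []
    for line in zone_text.splitlines():
        m = RECORD.match(line.strip())
        if not m:
            continue
        owner, rtype, rdata = m.group(1), m.group(2).upper(), m.group(3)
        if rtype == "TXT" and "v=spf1" in rdata.lower():
            # SPF include/redirect lets the provider send as this domain.
            targets, reason = SPF_TERM.findall(rdata), "SPF authorises sender"
        elif rtype in ("CNAME", "MX", "NS"):
            # Last rdata field is the target host (MX has a priority first).
            targets, reason = [rdata.split()[-1]], f"{rtype} points at"
        else:
            continue
        for target in targets:
            if _belongs_to(target, retired):
                findings.append((owner.rstrip("."), reason, target.rstrip(".")))
    return findings


if __name__ == "__main__":
    for owner, reason, target in stale_delegations(ZONE):
        print(f"{owner}: {reason} {target} -> remove or re-verify")
```

Each finding is a record to delete once the provider relationship has ended, since anyone who gains control of that provider account can send mail that passes the domain's own authentication checks.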
Such scams are a reminder of the importance of stringent security measures for both corporate entities and individual users in the crypto space.