Crypto Wallet b3hodlr.eth Loses $1.26 Million in wstETH to Phishing Scam
A phishing attack compromised the wallet b3hodlr.eth. A malicious actor stole about 356.7 Wrapped Liquid Staked ETH (wstETH). This theft is worth roughly $1.26 million at the current market price.
This incident highlights the growing threat of phishing scams within the crypto community.
Phishing Remains a Popular Cybercrime Tactic in the Crypto Industry
PeckShield, a blockchain security company, alerted the community to this attack. On-chain data revealed that the b3hodlr.eth wallet was compromised through a phishing scheme orchestrated by Fake_Phishing187019.
Phishing Attack on b3hodlr.eth Wallet. Source: X/PeckShieldAlert
In addition to the b3hodlr.eth incident, PeckShield flagged another recent phishing scam involving a wallet address 0xff49. This address fell victim to a phishing group known as Pink Drainer, resulting in the loss of approximately 562.4 Staked ETH (stETH), valued at around $1.66 million.
A report by Scam Sniffer revealed that Wallet Drainers, a type of phishing malware, are frequently deployed on phishing websites to trick users into signing malicious transactions. Scam Sniffer outlined that in the first quarter of 2024, $173 million was lost to phishing scams.
“Crypto phishing scams hit $71 million in March, marking a 50% increase in stolen funds from February,” ScamSniffer added.
Additionally, phishing activities on the BNB and Base chains surged in March. During the period, the stolen funds on the Base chain increased by 300% compared to February.
The report further explained that these malicious groups conduct phishing activities like business. When one drainer group exits, a new one replaces them. For example, Angel Drainer’s emergence seemed to have replaced Inferno Drainer after they announced their exit.
In addition to the drainer gangs, larger cybercrime groups like the Lazarus Group, allegedly linked with the North Korean government, also use phishing tactics. BeInCrypto recently reported that SlowMist revealed the Lazarus Group used LinkedIn to impersonate a partner at Fenbushi Capital—a blockchain venture capitalist based in Shanghai.
They created fake LinkedIn identities, posing as Fenbushi Capital partners. They then reached out to potential targets, offering investment opportunities or networking at conferences. This scheme aimed to exploit employee access and steal valuable crypto assets.
As the crypto industry evolves, so do malicious actors’ tactics. These phishing incidents remind us of the importance of cybersecurity in protecting digital assets. Staying vigilant and adopting strong security practices can help crypto holders protect against cybercrimes.