A wallet ending in “e57” fell prey to a sophisticated phishing attack on Sept. 27. The attack drained the wallet of 12,083 Spark Wrapped Ethereum tokens (spWETH), valued at $32 million.

According to security firm CertiK, 10,000 spWETH, valued at approximately $26 million, was initially sent to a wallet beginning with “0x471c.” A portion of these funds was subsequently transferred to four additional wallets.

1,750 Ether (ETH) was transferred to a wallet beginning with the characters “0x105c,” 2,613 ETH was sent to a wallet starting with “0x278d,” an additional 3,730 ETH to an address beginning with “0x408d,” and approximately 1,865 ETH was transferred to an address beginning in “0xfaf2.”

Source: CertiK Alert

Data from Arkham Intelligence revealed that the compromised wallet may belong to F2Pool founder Shixing Mao; however, this information has yet to be verified.

Related: Decentraland X account hacked, phishing scam targets MANA airdrop

Phishing attacks on the rise in August 2024

In August 2024, crypto phishing attacks rose sharply by 215%. According to security firm Scam Sniffer’s August phishing report, total losses from the malicious attacks for the month exceeded $66 million. The security firm identified one wallet that lost a whopping $55 million in a single phishing attack targeting the victim’s proxy ownership.

A September 2024 report from Blockaid revealed that the infamous Angel Drainer — malicious phishing software that targets cryptocurrency users — was upgraded to the newer AngelX. The newly upgraded phishing software deployed more than 300 phishing decentralized applications (DApps) within only four days.

At the time, a Blockaid spokesperson expressed concern that the upgraded AngelX phishing suite targeted “newer” blockchain networks such as The Open Network and Tron. One of the most alarming features of AngelX is a newly upgraded control panel, which gives malicious actors unparalleled control to create customized and increasingly sophisticated phishing scams.

Search engines unknowingly feature malicious phishing links

A Sept. 11 report from Scam Sniffer revealed that search engine DuckDuckGo displayed fraudulent Etherscan sites. The security firm warned that these malicious links prompt users to connect MetaMask wallets — leading to hackers being able to access funds once the wallets are connected.

Magazine: Bankroll Network DeFi hacked, $50M phisher moves crypto on CoW: Crypto-Sec