FTX and BlockFi Lenders Hit by $5 million Phishing Attack
Cyvers and Plumferno experts reported a security incident. The hacker's "target" was the creditors of BlockFi and FTX firms.
![FTX and BlockFi Lenders Hit by $5 million Phishing Attack](/content/images/2024/03/hacking-hack-scam-100.jpg)
An unknown person carried out a phishing attack aimed at creditors of bankrupt BlockFi and FTX companies. The incident was reported by a security expert under the pseudonym Plumferno.
The worst part of this scam is that most of the assets have been stolen from dormant wallets - people who were likely affected by the BlockFi bankruptcy and haven't touched the funds since.
— Plum (@Plumferno) March 23, 2024
It may also be likely that some of these victims are still unaware they've been robbed. pic.twitter.com/hswykTVQLv
The specialist revealed some details of the incident. According to him, in mid-March 2024, creditors received letters from allegedly BlockFi and FTX firms containing phishing links. Presumably, the hacker received a list of email addresses after hacking the Mailer Lite service.
According to the text of the letter, creditors were offered to connect a wallet on the website, undergo verification and withdraw funds as part of the restructuring of the company. The phishing link led to the scammer's website, where users could lose assets when connecting to it.
"The worst part of this fraud is that the assets were stolen from the inactive wallets of people who were probably affected by BlockFi's bankruptcy and have not touched the funds since. It is likely that some of these victims still do not suspect that they were robbed," Plumferno wrote.
At the same time, Cyvers believes that the address is associated with the Pink Drainer hacker group, which actively uses phishing attacks.
?ALERT?Our system has detected a phishing address that has generated around $2.7 M in the last couple of hours!
— ? Cyvers Alerts ? (@CyversAlerts) March 21, 2024
The address in question is named "watchandlearnniggaz.eth". This phishing address is likely connected to #PinkDrainer.
Phishing address: https://t.co/WVWViGMF5a… pic.twitter.com/aSjrlwVBUI
According to The Block, the attackers managed to seize cryptocurrencies and non-interchangeable tokens (NFT) from the collections of Mutant Apes and Otherdeeds for more than $ 5 million. At the time of writing, funds continue to flow into the hackers' wallet.
Source: https://incrypted.com/kreditory-ftx-i-blockfi-postradali-ot-fishingovoj-ataki-na-bolee-chem-5-mln/