An unknown perpetrator carried out a phishing attack targeting creditors of the bankrupt companies BlockFi and FTX. The incident was reported by a security expert under the pseudonym Plumferno.
The worst part of this scam is that most of the assets have been stolen from dormant wallets – people who were likely affected by the BlockFi bankruptcy and haven't touched the funds since.
It may also be likely that some of these victims are still unaware they've been robbed. pic.twitter.com/hswykTVQLv
— Plum (@Plumferno) March 23, 2024
The specialist disclosed some details of the incident. According to their information, in mid-March 2024, creditors received emails purporting to be from BlockFi and FTX, containing phishing links. Allegedly, the hacker obtained a list of email addresses after compromising the Mailer Lite service.
According to the email text, creditors were invited to connect a wallet on the website, undergo verification, and withdraw funds as part of the company’s restructuring. The phishing link led to the scammer’s website, where users could lose their assets.
Plumferno expressed that the most troubling aspect of this scam is that the funds were taken from inactive accounts of individuals who may have been affected by BlockFi’s insolvency and have not accessed their assets since. There is a strong possibility that some of these individuals are unaware that their funds have been stolen.
Cyvers believe that the address is linked to the hacker group Pink Drainer, which actively utilizes phishing attacks.
🚨ALERT🚨Our system has detected a phishing address that has generated around $2.7 M in the last couple of hours!
The address in question is named "watchandlearnniggaz.eth". This phishing address is likely connected to #PinkDrainer.
Phishing address: https://t.co/WVWViGMF5a… pic.twitter.com/aSjrlwVBUI
— 🚨 Cyvers Alerts 🚨 (@CyversAlerts) March 21, 2024
The perpetrators managed to seize cryptocurrencies and non-fungible tokens (NFTs) from Mutant Apes and Otherdeeds collections worth over $5 million. At the time of writing, funds continue to flow into the hackers’ wallet.
Recall that in the first two months of 2024, losses from phishing attacks exceeded $104 million.
