Bankless Times
Hackers Steal 3.3M$ in Web3 Phishing Scam
HomeNewsHackers Steal 3.3M$ in Web3 Phishing Scam

Hackers Steal 3.3M$ in Web3 Phishing Scam

Web 3.0
Daniela Kirova
Daniela Kirova
January 24th, 2024
Why trust us
Advertiser Disclosure
  • Leading platforms sent out emails with malicious links containing wallet-draining apps
  • MailerLite’s system was compromised via a social engineering attack

Email marketing company MailerLite confirmed that hackers had gained access to the accounts of several leading Web3 companies and perpetrated phishing email scams, stealing around $3.3 million from users in the process, Cointelegraph reported. The medium was among the victims.

Email system was compromised

Token Terminal, WalletConnect, and other leading platforms sent out emails with malicious links containing wallet-draining apps. This became possible because MailerLite’s system was compromised via a social engineering attack aimed at a staff member.

The company stated that their employee had clicked on an image linked to a fake Google sign-in page as they were answering a customer’s question via the support portal. This enabled the attackers to infiltrate MailerLite’s internal admin panel. They reset a user password in the panel, gaining further control.

Focus was on crypto accounts

MailerLite added the attackers had been solely focused on crypto-related accounts. Of the 117 they accessed, only a few were used to launch phishing campaigns. By that time, the company had warned its users that their personal data was affected, including full names and email addresses.

Mainly Xbanking tokens were stolen

Blockchain analytics platform Nansen estimates that the cybercriminals stole $3.3 million. However, the vast majority of the funds ($2.6 million) was Xbanking tokens, which are not particularly liquid and are only exchanged on Latoken via CoinGecko.

The more liquid funds stolen only amount to around $700,000, Nansen estimates.

An anonymous Reddit user started a detailed thread and reached a similar estimate of the total funds stolen in the attacks. He also mentioned mostly XB tokens had been stolen.

Scammers used Railgun to hide transfer

Nansen and the Reddit post both drew attention to the fact that the scammers used the privacy protocol Railgun to hide the transfer of the crypto stolen. Railgun is a privacy protocol running on top of the Ethereum Mainnet, Polygon, BNB Chain, and Arbitrum. It uses zk cryptography to let people use smart contracts and DeFi protocols privately.

Contributors

Daniela Kirova
Daniela Kirova
Writer
Daniela is a writer at Bankless Times, covering the latest news on the cryptocurrency market and blockchain industry. She has over 15 years of experience as a writer, having ghostwritten for several online publications in the financial sector.