
Phishing fraudsters have devised a new scam, creating sham duplicate sites of crypto media outlet Blockworks and Ethereum blockchain scanner Etherscan, to dupe crypto users into connecting their wallets to a crypto drainer. Their deceitful tactics are centred around a faux news of a $37 million Uniswap exploit.
The counterfeit Blockworks site displays a forged “BREAKING” news report about an alleged multimillion-dollar “approvals exploit” on the decentralized exchange Uniswap. It then redirects users to a bogus Etherscan website to rescind approvals.
The counterfeit Uniswap news article was disseminated on Reddit across numerous crypto-related subreddits by seemingly compromised Reddit accounts. The sham Etherscan site, purporting to display a token and smart contract approval checker, instead houses a wallet drainer.
Blockchain security company Beosin analyzed the drainer’s smart contract. They reported that the attacker aims to drain wallets with at least 0.1 Ether (ETH), worth $180. However, the drainer is incorrectly set up as “there is no phishing transaction prompted after a wallet is connected.”
Web3 anti-scam platform Scam Sniffer revealed on Twitter that scammers had also deployed a wallet drainer on a website imitating the crypto news outlet Decrypt. However, Scam Sniffer confirmed that the faked Blockworks and Decrypt sites are operated by different fraudsters.
victim:
— Scam Sniffer | Web3 Anti-Scam (@realScamSniffer) October 26, 2023
0xc0eea02d8122040b039975d928f0588ecaf45082
scammers:
0x0000D56b6E33cb711256fF3483ace599F17f0000
0xF56D4380594624c6Bdd9Ee58D6060F4310733285
0x53d0E4dAb3E125dd25EcfB24Ca610075Fa9bC8e1
The fake Etherscan site, approvalscan.io, was registered on October 25, and the bogus Blockworks site, blockworks.media, was registered a day later.
Read Now: Avante Art and Yuga Labs partner to offer physical CryptoPunks for limited time