Phishing scams stole around $300 million worth of cryptocurrencies from 320,000 investors in 2023, according to the yearly report from web3 security firm Scam Sniffer.

Phishing scams are one of the most common means of attack against the emerging industry and have resulted in the loss of millions of funds. In one incident, these scammers stole $24.23 million of liquid-staked Ethereum, including 4,851 rETH (worth $8.58 million) and 9,579 stETH ($15.63 million).

Wallet drainers reign supreme

According to the report, malicious actors leveraged wallet drainers to orchestrate these phishing attacks.

Wallet drainers are usually embedded within phishing websites, deceiving unsuspecting individuals into authorizing malicious transactions that would enable the theft of their digital assets from their cryptocurrency wallets.

ScamSniffer’s exhaustive analysis identified six prominent wallet drainer service providers, including Inferno, MS, Angel, Monkey Drainer, Venom Drainer, Pink Drainer, and Pussy Drainer.

The Inferno Drainer emerged as the top player among these scammers, facilitating the theft of $81 million from 134,000 users over nine months. The crypto wallet-draining kit operator shut operations in November 2023.

Similarly, MS Drainer and Angel Drainer capitalized on this trend, pilfering $59 million from 63,000 users and $20 million from 30,000 victims, respectively.

Another prominent player, Monkey Drainer, stole $16 million from 18,000 people. It shut operations in March last year.

These Wallet Drainer services providers earned at least $47 million from their 20% drainer fee.

Phishing scammers tactics

Scam Sniffer exposed various methods employed by the attackers, encompassing hacking attacks, organic and paid traffic strategies.

Attackers infiltrate official social media accounts of projects or manipulate their front end and libraries. Tactics such as spam mentions, comments on Twitter, fake airdrops, expired Discord links and paid adverts on Google search and Twitter drive traffic, often escaping detection compared to blatant hacking attempts.

It is imperative to note that the phishing attack method chosen hinges on the content of the victim’s wallet.

Scam Sniffer said it scanned nearly 12 million URLs during the reporting period, unearthing about 145,000 malicious URLs. Presently, the firm’s blacklist contains approximately 100,000 malicious domains, signifying the scale of the ongoing threat.