Phishing scammers have cloned the websites of crypto media outlet Blockworks and Ethereum blockchain scanner Etherscan to trick unsuspecting readers into connecting their wallets to a crypto drainer.
A fake Blockworks site displays a fake “BREAKING” news report of a supposed multimillion-dollar “approvals exploit” on the decentralized exchange Uniswap and encourages users to a faked Etherscan website to rescind approvals.
The fake Uniswap news article was posted on Reddit across several popular crypto-related subreddits by seemingly compromised Reddit accounts.
The fake Etherscan website, which display a purported token and smart contract approval checker, instead contains a wallet drainer.
Blockchain security firm Beosin reviewed the drainer’s smart contract and told Cointelegraph the attacker hopes to drain wallets with at least 0.1 Ether (ETH), worth $180. However, the drainer is incorrectly set up as “there is no phishing transaction prompted after a wallet is connected.”
Related: 85% of crypto rug pulls in Q3 didn’t report audits: Hacken
An age check of the domains shows the fake Etherscan site, approvalscan.io, was registered on Oct. 25 and the faked Blockworks site, blockworks.media, was registered a day later.
In an Oct. 25 post on X (Twitter), Web3 anti-scam platform Scam Sniffer reported $190,000 in funds was drained from a crypto wallet with the victim signing a malicious signature.
the victim signed Uniswap Permit2 malicious phishing signatures like this pic.twitter.com/NcXIotokwL
— Scam Sniffer | Web3 Anti-Scam (@realScamSniffer) October 26, 2023
Scam Sniffer’s post shows phishing scammers deployed a wallet drainer on a website cloning the crypto news outlet Decrypt that prompts users to connect their wallet for an airdrop of the publication’s token.
Magazine: Ethereum restaking — Blockchain innovation or dangerous house of cards?
Update (Oct. 27, 1:30 am UTC): This article has been updated with further information and comment from Beosin.