$5 Million Phishing Attack Targets FTX and BlockFi Creditors

$5 Million Phishing Attack Targets FTX and BlockFi Creditors
Photo by Kasia Derenda / Unsplash

In a recent cybersecurity incident, creditors of the bankrupt companies BlockFi and FTX became the latest victims of a sophisticated phishing scheme, leading to losses exceeding $5 million in cryptocurrencies and non-fungible tokens (NFTs), including prized assets from the Mutant Apes and Otherdeeds collections. This alarming development was reported by cybersecurity experts from Cyvers and an analyst operating under the pseudonym Plumferno.

The attack unfolded in mid-March 2024, when creditors received emails purportedly from BlockFi and FTX, containing malicious links. These phishing emails cunningly invited the creditors to connect their wallets on a fake website, complete a verification process, and withdraw funds as part of the companies' restructuring efforts. Unbeknownst to the victims, clicking on the phishing link directed them to a site controlled by the attackers, leading to the theft of their digital assets.

Plumferno, shedding light on the incident, highlighted the insidious nature of the scam. Many of the assets were stolen from dormant wallets belonging to individuals already impacted by BlockFi's bankruptcy, who had not accessed their funds since the company's collapse. There's a high probability that some victims remain unaware of the theft.

Further investigations suggest the phishing operation may be linked to the hacker group known as Pink Drainer, notorious for its phishing attacks. As of this writing, the hackers' wallet continues to receive funds, underscoring the ongoing threat posed by such malicious activities.

This event is part of a troubling trend, with phishing attack losses topping $104 million in the first two months of 2024 alone. It serves as a stark reminder of the persistently high risks in the digital asset space and the importance of vigilance and cybersecurity measures to protect against such sophisticated threats.