New Research: Phishing Attacks Stole $295 Million In Crypto In 2023

Cryptocurrency to ThievesResearchers at Scam Sniffers have found that phishing attacks stole nearly $295 million worth of cryptocurrency from 324,000 victims in 2023, CryptoSlate reports. The cryptocurrency is stolen by malware delivered via phishing sites.

“Wallet Drainers, a type of malware related to cryptocurrency, has achieved significant success over the past year,” the researchers write. The code is deployed on phishing websites to trick users into signing malicious transactions, thereby stealing assets from their cryptocurrency wallets. These phishing activities continue to attack ordinary users in various forms, leading to significant financial losses for many who unwittingly sign malicious transactions.

The year was marked by several major cryptocurrency thefts enabled by social engineering.

“It is worth mentioning that almost $7 million was stolen on March 11 alone,” the researchers write. “Most of it was due to fluctuations in USDC rates, as victims encountered phishing websites impersonating Circle. There were also significant thefts close to March 24, when Arbitrum’s Discord was hacked and their airdrop date is also near that. Each peak in theft is associated with group-related events. These could be airdrops or hacking incidents.”

The researchers tracked six major wallet drainers, each of which pilfered tens of millions of dollars in 2023.

“Following ZachXBT’s exposure of Monkey Drainer, they announced their departure after being active for 6 months,” the researchers write. “Venom then took over most of their clientele. Subsequently, MS, Inferno, Angel, and Pink all appeared around March. As Venom stopped services around April, most phishing gangs turned to using other services. The scale and speed have escalated alarmingly. For instance, Monkey drained $16 million over a span of 6 months, while Inferno Drainer outpaced this significantly, looting $81 million in just 9 months. Based on a 20% Drainer fee, they profited at least $47 million from selling wallet drainer services.”

KnowBe4 enables your workforce to make smarter security decisions every day. Over 65,000 organizations worldwide trust the KnowBe4 platform to strengthen their security culture and reduce human risk.

CryptoSlate has the story.

Free Phishing Security Test

Would your users fall for convincing phishing attacks? Take the first step now and find out before bad actors do. Plus, see how you stack up against your peers with phishing Industry Benchmarks. The Phish-prone percentage is usually higher than you expect and is great ammo to get budget.

PST ResultsHere's how it works:

  • Immediately start your test for up to 100 users (no need to talk to anyone)
  • Select from 20+ languages and customize the phishing test template based on your environment
  • Choose the landing page your users see after they click
  • Show users which red flags they missed, or a 404 page
  • Get a PDF emailed to you in 24 hours with your Phish-prone % and charts to share with management
  • See how your organization compares to others in your industry

Go Phishing Now!

PS: Don't like to click on redirected buttons? Cut & Paste this link in your browser:

Subscribe to Our Blog

Comprehensive Anti-Phishing Guide

Get the latest about social engineering

Subscribe to CyberheistNews