1/8 🚨 SECURITY ALERT: A victim lost 143.45 ETH ($460,895) through transaction simulation spoofing 1 day ago.

Here's how these attacks work... 🧵 2/8 📱 Transaction simulation is a feature in modern Web3 wallets that shows users the expected outcome of their transactions before signing.

This feature aims to improve transparency and user experience. 🔍

1/7 🚨 SECURITY ALERT: New sophisticated scam targeting crypto users through fake Telegram groups.

Attackers are impersonating multiple crypto influencers and using malicious bots for verification. Here's how it works... 🧵

https://twitter.com/17552210/status/1866454053129269371

2/7 📱 First, scammers create fake accounts mimicking popular crypto influencers.

They comment on legitimate posts, inviting users to "exclusive" Telegram groups promising alpha and investment insights. 🎭

🧵 [1/7] 🚨 ScamSniffer November Phishing Report

$9,380,000 STOLEN
9,208 VICTIMS

November saw one victim lose $661K in stETH within minutes - and that's just the tip of the iceberg.

Let's dive into the dark side of Web3... 🧵 🧵 [2/7] BIGGEST HITS 💸

• $661K stETH (ETH) - Permit
• $409K WBTC (ARB) - Permit
• $344K FET (ETH) - Uniswap Permit2
• $220K USDT (ETH) - Direct Transfer

Pattern? Malicious signatures remain the deadliest weapon 🎯

🚨 5 hours ago, someone lost 15,079 fwDETH($35M) after signing a "permit" phishing signature.💸
victim:
0xeab23c1e3776fad145e2e3dc56bcf739f6e0a393

scammer:
0x0605edee6a8b8b553cae09abe83b2ebeb75516ec

https://x.com/roffett_eth/status/1844585497626394774

🚨 ScamSniffer September Phishing Report
In September, around 10K victims lost approximately $46 million to crypto phishing scams.

In Q3 2024, phishing losses totaled $127 million with an average of 11K victims per month. Two major victims accounted for $87 million. 💸

🧵 [1/8] 🧵 [2/8] One victim lost $32 million by signing a permit signature.

As users, always double-check for potential phishing risks before signing anything. 🔍💰

https://x.com/realScamSniffer/status/1839923975184625832

🚨 5 hours ago, a victim lost $55.43M in DAI after signing a phishing transaction targeting its DeFi Saver Proxy.

How did this happen? 👇 By checking 0x2129F8a9b6C3092a600Da82Ce859B7A9a69983E4‘s transactions,

10 hours ago, the victim 0xf2B889437F243396b29E829908b5d8ebE2e13048 executed a `setOwner` transaction.

etherscan.io/address/0x2129…

🧵 [1/6] 🚨 ScamSniffer's April Phishing Report 🚨
April saw a significant decrease in losses from phishing attacks, with 34,000 victims losing $38 million.

This is a 46% drop compared to last month. 📉 🧵 [2/6] Despite the overall decline, theft on the Base chain saw a substantial increase of 145% from the previous month.

Notably, 2 of the top 10 largest single thefts occurred on this chain, accounting for 21% of the month's total theft.

🚨 someone lost $2 million worth of ETH to phishing scams about 1 hour ago. ether.fi


victim:
0x39b28b4ef189ea7ecc961b08f4d3f89f39ad1ccf

scammer:
0x1af48964975ccf8fb66140873b3d16237587cbe7

etherscan.io/tx/0x16d1e7522…

1/ 🚨 A recent surge in phishing scams via Google search ads has led to users losing approximately $4 million.
ScamSniffer has investigated multiple cases where users clicked on malicious ads and were directed to fraudulent websites.
#PhishingScams #GoogleAds 2/ 🕵️‍♂️ Investigation into the keywords used by victims has uncovered numerous malicious ads at the forefront of search results.
Most users, unaware of the deceptive nature of search ads, click on the first available option, leading them to malicious websites.
#Cybersecurity

Weekly Update - 28th Aug

1. DNS change monitor and reminder
2. NFT honeypot attack detection
3. Sync malicious domains and addresses to Chainabuse
4. Tenderly API configuration 1. DNS change monitor and reminder
In the recent Curve DNS attack on 9th Aug. 2022, the Curve DNS vendor changed from Vercel to UAB Cherry Servers with no pre-notice.
We tried to build DNS change monitor and reminder for over 50 well-known projects: github.com/scamsniffer/Si…