The Ethereum network was the most affected with ERC20 phishing attacks amounting to over $43.3 million stolen from different users in September.
The mainstream adoption of web3 protocols and digital assets has faced a major challenge of sophisticated security threats, mostly involving phishing scams and attacks on poorly designed smart contracts.
According to the latest report by Scam Sniffer, more than $46.6 million was stolen from 10,805 victims in September alone.
The majority of the stolen funds, amounting to $44.69 million, were made through phishing attacks. Only a small amount of tracked stolen funds, amounting to around $2 million, was siphoned from the victims through address poisoning.
The Ethereum ETH $4 394 24h volatility: 5.3% Market cap: $530.42 B Vol. 24h: $40.07 B network accounted for the majority of the stolen funds in September. At the end of the month, an Ethereum user lost 12,083 spWETH, worth approximately $32.5 million, after signing a permit phishing signature.
Another Ethereum user lost about $1 million after copying the wrong addresses from a contaminated history.
As a result, more than $127 million was stolen from more victims in the third quarter, at an average of 11k victims per month.
🚨 ScamSniffer September Phishing Report
In September, around 10K victims lost approximately $46 million to crypto phishing scams.In Q3 2024, phishing losses totaled $127 million with an average of 11K victims per month. Two major victims accounted for $87 million. 💸
🧵 [1/8] pic.twitter.com/T2OpXQ8Cqb
— Scam Sniffer | Web3 Anti-Scam (@realScamSniffer) October 4, 2024
Rising Phishing Attacks Hinder Mainstream Adoption of Crypto Assets
In addition to the numerous phishing scams in the recent past, exchanges hacked during the third quarter led to more crypto users losing their funds, which ended up being laundered through crypto mixers such as Tornado Cash.
For instance, in mid-July, Indian cryptocurrency exchange WazirX announced that its multi-signature wallet was exploited leading to the loss of more than $230 million in users’ funds.
Already, the WazirX exploiter has laundered the majority of the funds through Tornado cash, thus eliminating any chance of users ever being made whole again.
The notable exploitation of users’ funds in the crypto industry has significantly discouraged new users from injecting more funds into the web3 space. Furthermore, there are fewer measures to recapture stolen funds through blockchain technology compared to the traditional financial sector.
Nevertheless, crypto users are gradually becoming more aware of the crypto phishing scams, which are mostly orchestrated through Elon Musk’s X platform.
Additionally, more web3 protocols have integrated security mechanisms to ensure the maximum safety of users’ funds.
Ultimately, crypto users are expected to protect themselves by familiarizing themselves with the common phishing scenarios.
Bigger Picture
The crypto market has grown to more than $2.2 trillion in valuation, mostly fueled by mainstream adoption by institutional investors and favoring regulatory reforms. The entrance of institutional funds into the crypto space will significantly help to improve overall security, especially in multi-chain smart contracts.
According to on-chain data, institutional investors led by the US spot BTC ETFs have accelerated the rate of Bitcoin Purchases to hedge against inflation and geopolitical uncertainty. As a result, it is safe to assume that the crypto market will continue to grow exponentially irrespective of the phishing attacks since the gains outweigh the losses in the long haul.
next