Fake Ethereum Denver website linked to notorious phishing wallet

Published at: Feb. 20, 2023

A fake website of the popular Ethereum Denver conference is the latest phishing target of a red-flagged smart contract that has stolen over $300,000 worth of Ether (ETH).

The popular conference saw its website duplicated by hackers this week in order to trick users into connecting their MetaMask wallets. According to Blockfence, which identified the fraudulent website, the smart contract has accessed more than 2800 wallets and has stolen over $300,000 over the past six months.

Another day, another scam. This time the scammer targeted the @EthereumDenver website. Blockfence is here to protect you and fight scammers together: The scam contract was marked as "High Risk" by our ML algorithm and our partners at @GoplusSecurity pic.twitter.com/Jdtoz2Bgu4

— Blockfence (@blockfence_io) February 20, 2023

Ethereum Denver also shared a warning to its followers on Twitter warning of the malicious website.

Hello Fellow Bufficorns!!Please be aware that there is a FAKE ETHDenver website that is asking for you to connect your wallet.“Go-ETHDenver” is not us. Please report the site! pic.twitter.com/1dt4hYmfvO

— ETHDenver (@EthereumDenver) February 20, 2023

Blockfence CEO Omri Lahav told Cointelegraph that users were prompted to connect their Metamask wallets via the usual ‘connect wallet’ button. The website prompts a transaction that, if approved, carries out the malicious function and steals the users' funds.

Blockfence’s research team identified the incident while tracking different trends in the industry. Lahav said that the smart contract executing the scam had stolen over 177 ETH since its deployment midway through 2022:

“Since the smart contract was deployed almost 6 months ago, it’s possible that it was used on other phishing websites.”

Hackers had gone as far as paying for a Google advert to promote the malicious website’s URL, banking on search trends being high, with Eth Denver taking place on Feb. 24 and 25. The fake website appeared second on a Google search, above the actual ETH Denver website.

As previously reported, hacks and scams continue to be commonplace in the cryptocurrency ecosystem. 2022 saw over $2.8 billion of cryptocurrency stolen last year through a variety of different hacks and exploits.

Tags
Related Posts
Four Out of Five Top Bitcoin QR Code Generators are Scams: Report
Four out of the first five results presented when querying Google for a “bitcoin qr generator” lead to scam websites. The findings Cryptocurrency wallet ZenGo wrote the findings in a blog post published on Aug. 29. Reportedly, when researching prior to implementing QR Code support in their wallet, ZenGo learned of the prevalence of scam QR Code generators. The company explains how the alleged scam works: “These sites generate a QR code that encodes an address controlled by the scammers, instead of the one requested by the user, thus directing all payments for this QR code to the scammers.” QR …
Hacks / Sept. 6, 2019
US Blockchain Investor Terpin Awarded Over $75 Million in SIM Swapping Case
United States blockchain and crypto investor Michael Terpin has won $75.8 million in a civil case against 21-year-old Nicholas Truglia, who reportedly defrauded him of crypto assets. Reuters reported the news on May 10. Per the report, the California Superior Court last week ordered Manhattan resident Truglia to pay the amount above in compensatory and punitive damages. The amount is reportedly one of the largest court judgments awarded to an individual in the crypto space thus far, Reuters notes. As previously reported, Terpin filed the complaint against Truglia in particular in late December, after first filing a lawsuit against AT&T …
Blockchain / May 11, 2019
Expert Warns: Don’t Trust Ransomware Groups Amid Pandemic
A cybersecurity expert explained why he is convinced that the promises made by ransomware groups amid the pandemic are irrelevant. Brett Callow — threat analyst at cybersecurity firm Emsisoft — told Cointelegraph that multiple ransomware groups recently made promises to halt their activity against medical organizations amid the coronavirus pandemic. Still, he believes that those promises are irrelevant: “The claims of a ceasefire made by ransomware groups are irrelevant [and] should be completely disregarded. Would you leave your front door unlocked simply because the local burglars had pinky-promised not to rob you? Probably not. The story of the frog and …
Blockchain / April 16, 2020
Ethereum Name Service Auctions Halted Because of a Bug
Ethereum Name Service (ENS) name auctions were halted because of a bug that resulted in names being awarded to wrong users and for lower bids. Faulty documentation ENS’s editor Brantly Millegan announced the halt of the name auctioning service in a Medium article published on Sept. 30. He noted that most of the first auctions concluded successfully and only a few were affected by the bug. The anomalous result of some auctions had two distinct causes, one of which lies in documentation, not the software, according to Millegan. Per the announcement, “some bidders were given incorrect information on how to …
Ethereum / Oct. 1, 2019
$6.4M Worth of FSN Tokens Stolen From Fusion Network’s Swap Wallet
Fusion Network’s token swap wallet was compromised. Roughly a third of FSN tokens was stolen as a result. Fusion Foundation announced in a Medium post published on Sept. 29 that its swap wallet was compromised, which resulted in the theft of 10 million native FSN and 3.5 million Ethereum (ETH)-based ERC-20 FSN tokens. The total worth of stolen FSN tokens was estimated at around $6.4 million at that time. The Foundation’s investigation has not revealed any other affected wallets so far. The alleged cybercriminal reportedly started to launder the coins already: “After the currency was stolen, abnormal wash-trading behaviour occurred, …
Altcoin / Sept. 29, 2019