Phishing scammers have cloned the web sites of crypto media outlet Blockworks and Ethereum blockchain scanner Etherscan to trick unsuspecting readers into connecting their wallets to a crypto drainer.
A faux Blockworks site displayed a faux “BREAKING” information report of a supposed multimillion-dollar “approvals exploit” on the decentralized exchange Uniswap and inspired customers to go to a faux Etherscan web site to rescind approvals.
The faux Etherscan web site, which shows a purported token and sensible contract approval checker, as an alternative contains a wallet drainer.
Blockchain safety agency Beosin reviewed the drainer’s sensible contract and informed Cointelegraph the attacker hopes to drain wallets with a minimum of 0.1 Ether (ETH), value $180. However, the drainer is incorrectly arrange, as “there is no phishing transaction prompted after a wallet is connected.”
An age verify of the domains exhibits the faux Etherscan site, approvalscan.io, was registered on Oct. 25, and the faux Blockworks site, blockworks.media, was registered a day later.
In an Oct. 25 X (Twitter) publish, Web3 anti-scam platform Scam Sniffer confirmed that scammers had deployed a pockets drainer on a web site cloning the crypto information outlet Decrypt.
the sufferer signed Uniswap Permit2 malicious phishing signatures like this pic.twitter.com/NcXIotokwL
— Scam Sniffer | Web3 Anti-Scam (@actualScamSniffer) October 26, 2023
Scam Sniffer informed Cointelegraph that the faked Blockworks and Decrypt websites are, nonetheless, run by completely different scammers.
Update (Oct. 27, 1:30 am UTC): This article has been up to date with additional info and feedback from Beosin and Scam Sniffer.