Earlier today, the virtual reality-focused project Decentraland’s X account was compromised to promote phishing links. According to a PeckShield alert on Sept. 19, crypto scammers took over Decentraland’s X account to promote a fake airdrop for its native token, MANA, targeting the project’s over 607,000 followers.
Ironically, the scammers disabled comments on their posts, claiming it was to prevent ‘malicious links.’ The now-deleted posts first surfaced around 01:50 am UTC and promoted a malicious website bearing Decentraland’s branding. Users redirected to the launch-decentraland[.org] website were asked to claim the airdrop by connecting their wallets.
Typically, in such scenarios, users are prompted to sign a malicious blockchain transaction that transfers the wallet’s control to the bad actor, allowing them to drain any crypto funds or other assets present. After the initial posts were deleted, two more similar posts were made, this time promoting a different website: token-decentraland[.]org. As of the time of writing, these posts remain.
It’s unclear how many users have been affected by this campaign so far, but PeckShield has urged users to avoid interacting with Decentraland’s X account. Based on the latest activity, it appears the VR platform has yet to regain control of the account.
Recent Phishing Scams in the Crypto Space
Several prominent crypto projects have been targeted by scammers of late, with phishing scams leading to significant losses. In August alone, these scams resulted in at least $63 million in losses. For instance, Polygon’s discord channel was compromised last month, and phishing links were posted. This echoed a similar attack on the liquid restaking platform Renzo earlier in the year.
Individual traders haven’t been spared either. One large DAI investor lost $55 million in a matter of seconds, while an NFT trader lost over $145,000 in Bored Ape Yacht Club collectibles just months before.
The common denominator in all these attacks has been the victims signing malicious transactions. Cybersecurity experts call this ‘approval phishing,’ which has led to over $2.7 billion in losses since 2021, according to Chainalysis.
Staying Safe in the Crypto World
These scams are mostly prevalent on social media platforms like X and Telegram. Research from SlowMist indicates that over 80% of all comments under posts from official crypto projects contained phishing links.
As scams become more sophisticated, the need for vigilance has never been greater. Crypto enthusiasts must stay informed and exercise caution when interacting online.
In response to these growing threats, cryptocurrency wallets like MetaMask have integrated new security features aimed at protecting users from falling victim to such attacks.
Stay informed and stay safe in the ever-evolving world of cryptocurrencies. For the latest news and updates, keep exploring more on Global Crypto News.