A wallet ending in "e57" fell prey to a sophisticated phishing attack on Sept. 27 that left the wallet drained of 12,083 Spark Wrapped Ethereum tokens (spWETH), valued at $32 million.

According to security firm CertiK, 10,000 spWETH, valued at approximately $26 million, was initially sent to a wallet beginning with "0x471c." A portion of these funds was subsequently transferred to 4 additional wallets.

1,750 Ether ( ETH ) was transferred to a wallet beginning with the characters "0x105c", 2,613 ETH was sent to a wallet starting with "0x278d", an additional 3,730 ETH to an address beginning with "0x408d", and, finally, approximately 1,865 ETH was transferred to an address beginning in "0xfaf2."

Source: CertiK Alert .

Data from Arkham Intelligence revealed that the compromised wallet may belong to F2Pool founder Shixing Mao; however, this information has yet to be verified.

Related: Decentraland X account hacked, phishing scam targets MANA airdrop

Phishing attacks on the rise in August 2024

In August 2024, crypto phishing attacks rose sharply by 215% . According to security firm Scam Sniffer's August phishing report , total losses from the malicious attacks for the month exceeded $66 million. The security firm identified one wallet that lost a whopping $55 million in a single phishing attack targeting the victim's proxy ownership.

A September 2024 report from Blockaid revealed that the infamous Angel Drainer — malicious phishing software that targets cryptocurrency users — was upgraded to the newer AngelX . The newly upgraded phishing software deployed more than 300 phishing decentralized applications (DApps) within only four days.

At the time, a Blockaid spokesperson expressed concern that the upgraded AngelX phishing suite targeted "newer" blockchain networks such as The Open Network ( TON ) and Tron ( TRX ). One of the most alarming features of AngelX is a newly upgraded control panel — giving malicious actors unparalleled control to create customized and increasingly sophisticated phishing scams.

Search engines unknowingly feature malicious phishing links

A Sept. 11 report from Scam Sniffer revealed that search engine DuckDuckGo displayed fraudulent Etherscan sites . The security firm warned that these malicious links prompt users to connect MetaMask wallets — leading to hackers being able to access funds once the wallets are connected.

Magazine: Bankroll Network DeFi hacked, $50M phisher moves crypto on CoW: Crypto-Sec