In a distressing turn of events, a cryptocurrency holder has reportedly fallen prey to a staggering $4.46 million phishing scam. According to Etherscan data, the victim's wallet on the Kraken cryptocurrency exchange was drained of $4.46 million in Tether (USDT) and subsequently transferred to an address ending in "ACa7." This address has been flagged by blockchain security firm PeckShield as belonging to a notorious phishing scammer.
Adding to the complexity of the situation, Scam Sniffer, another blockchain scam tracking platform, revealed that the pilfered funds were being directed towards addresses associated with a fraudulent entity known as the "fake Coinone cryptocurrency mining exchange." A user-generated Dune Analytics dashboard , linked by Scam Sniffer, indicated that scams of this nature have resulted in scammers siphoning off approximately $337.1 million in USDT, impacting as many as 21,953 individuals.
Anti-fraud organizations worldwide have sounded alarms about this particular type of scam, often referred to as "approval mining." It typically ensnares victims into granting unauthorized withdrawals from their cryptocurrency wallets. The mechanics of the scam involve exploiting crypto wallet private keys, which are safeguarded through encryption. However, fraudsters are circumventing the need for a mnemonic phrase.
The scammers employ a deceptive tactic: victims are prompted to click a button to participate in a purported mining pool. This button, seemingly innocuous, requests a nominal Ethereum network fee, usually ranging from $10 to $50. While this fee might appear reasonable, it is, in fact, a ruse. According to GASO, a blockchain security firm, this fee serves as a ploy to obtain the victim's digital signature authorization, effectively granting unrestricted access to the wallet via the USDT smart contract.
