The most recent phishing attempt by a red-flagged smart contract that has already stolen over USD 300,000 worth of Ether has targeted a fraudulent website imitating the popular Ethereum Denver conference.
Hackers created a replica of the website for the well-known conference this week, in an attempt to deceive users into linking their MetaMask wallets. The fraudulent website was discovered by Blockfence, which revealed that the associated smart contract had infiltrated over 2,800 wallets and siphoned off more than USD 300,000 during the last six months. On Twitter, ETHDenver also alerted its followers to the harmful website, issuing a warning about it.
According to Cointelegraph, Omri Lahav, the CEO of Blockfence, revealed that the fraudulent website directed users to connect their MetaMask wallets through the standard “connect wallet” button. Once a transaction is confirmed, the website executes its malicious function, resulting in the theft of the users’ funds.
While monitoring various industry trends, Blockfence’s research team discovered the incident. Lahav stated that the scamming smart contract had purloined more than 177 ETH since its launch in the middle of 2022. He stated that considering that the smart contract has been in operation for nearly six months, it’s conceivable that it was employed in other phishing schemes.
The hackers had taken an extra step by purchasing a Google advertisement to promote the URL for the fraudulent website, assuming that search volumes would increase as ETHDenver approached on February 24 and 25. In the Google search results, the imitation website was ranked second, above the authentic ETHDenver website.