Users of a prominent cryptocurrency exchange may have lost nearly $46 million to alleged phishing schemes in the last two weeks as climbing crypto prices lure malicious actors into the space.
Methods like address poisoning and wallet spoofing deceive victims into sending their assets to fake wallet addresses that closely mimic legitimate ones.
A blockchain investigator has reported that several wallets linked to this exchange have been compromised this month. A blockchain explorer screenshot indicated a suspected theft of 400 Bitcoin (BTC) from a single wallet.
“It appears a user was defrauded yesterday for $34.9 million (400.099 BTC),” the investigator stated in a Telegram post. “Through my investigation of this theft, I noted several other suspected frauds involving users of the exchange in the past two weeks, bringing the total stolen this month to over $46 million,” they added.
Victim of the suspected 400 BTC phishing heist. Source: Blockchair
In response to these incidents, a communications director from the exchange stated, “We are aware of these claims and are looking into them.” She emphasized:
“Our platform will never contact you to request your login credentials, API keys, or two-factor authentication codes. We will also never ask you to transfer funds.”
“If someone reaches out claiming to represent us and asks for this information or urges you to send assets, do not comply. It’s a scam,” she added.
Related: Security fears impede crypto payment adoption globally — Survey
Fraudsters often masquerade as major brands
Fraudsters tend to impersonate well-known global brands to create an illusion of trust for their victims.
Scammers frequently mimic popular US brands. Source: Mailsuite
Within the crypto sector, this exchange has been the most impersonated brand by scammers, while another major technology firm faced over 25 times the amount of impersonation attempts compared to the exchange, as reported previously.
The exchange ranks as the third-largest centralized cryptocurrency exchange globally, with a daily trading volume exceeding $1.6 billion, according to available data.
To safeguard against such scams, users are recommended to utilize a dedicated email account, enable two-factor authentication, set up an address allowlist, and consider using an additional security feature for their assets.
Related: Complex crypto address poisoning scams drain $1.2 million in March
A history of phishing-related losses
It is estimated that over $65 million may have been taken from users of the exchange between December 2024 and January 2025 through highly confident thefts, as highlighted by the investigator. They remarked:
“Our figure is likely much lower than the true amount stolen, as our data came from direct messages and on-chain thefts, which do not take into account support tickets or police reports we do not have access to.”
Source: ZachXBT
Pig butchering scams represent another form of phishing scheme that employs prolonged and intricate deception tactics to convince investors to willingly transfer their assets to fraudulent addresses.
According to reports, pig butchering incidents on the Ethereum network resulted in industry losses exceeding $5.5 billion across 200,000 identified cases in 2024.
<
Magazine: Bitcoiner sex trap extortion? BTS firm’s blockchain disaster: Asia Express