A cryptocurrency investor lost $300,000 after clicking what appeared to be a harmless work meeting link, highlighting the growing sophistication of crypto-focused phishing attacks.
The victim, known as "LeftsideEmiri" on social media platform X, reported that multiple cryptocurrency wallets were drained after interacting with a fraudulent KakaoTalk messaging link sent through a direct message. The link, which appeared non-functional at first, allegedly installed malware that compromised their digital wallets.
"Thought it would never happen to me, but it did," the user posted, noting they had not approved any transactions. The stolen funds were transferred from several wallets, including Ethereum and Solana addresses, to an account reportedly connected to cryptocurrency exchange BingX.
The attacker, operating under the username "0xQwerky," executed the theft through what appears to be a sophisticated social engineering attack. LeftsideEmiri has appealed to BingX to help recover the stolen assets.
This incident adds to mounting concerns about cryptocurrency phishing scams. Web3 security firm Scam Sniffer reports that November alone saw nearly $9.4 million in losses from such attacks, affecting over 9,200 investors.
The firm warns that malicious blockchain signatures remain a primary threat vector, allowing scammers to gain complete control of victims' wallets through deceptive transaction requests. Recent months have seen several high-profile cases, including a $4.2 million theft in January 2024 and a $36 million loss in October through permit phishing.
In light of the incident, LeftsideEmiri cautioned the cryptocurrency community against clicking unsolicited job interview links or engaging with unexpected messages on social platforms.