Hackers steal $300,000 via phishing site of a well-known Ethereum conference

The attackers created a fake site for the popular annual Ethereum conference in Denver and stole over $300,000 in ETH via it.

Another day, another scam.
This time the scammer targeted the @EthereumDenver website. Blockfence is here to protect you and fight scammers together: The scam contract was marked as «High Risk» by our ML algorithm and our partners at @GoplusSecurity pic.twitter.com/Jdtoz2Bgu4

— Blockfence (@blockfence_io) February 20, 2023

According to Blockfence, the team that uncovered the phishing scheme, the attackers have gained access to more than 2,800 user wallets over the last six months.

ETHDenver organizers also posted a warning about the malicious site on Twitter.

Hello Fellow Bufficorns!!

Please be aware that there is a FAKE ETHDenver website that is asking for you to connect your wallet.

“Go-ETHDenver” is not us. Please report the site! pic.twitter.com/1dt4hYmfvO

— ETHDenver ??? (@EthereumDenver) February 20, 2023

Be aware that there is a fake ETHDenver website that asks you to connect your wallet. Go-ETHDenver is not us, they wrote.

The Blockfence CEO Omri Lahav, in comments to Cointelegraph, clarified that the site offered to connect the MetaMask wallet. After the user approved the transaction, the malware drained all funds from the address. He said the fraudulent smart contract, since its deployment in mid-2022, has withdrawn more than 177 ETH.

Lahav also said that the malware was used on other platforms.

The attackers used paid Google advertising to promote their site. Cointelegraph noted that, in search results, the malicious URL appeared second after the official ETHDenver site.

In October 2022, Binance CEO Changpeng Zhao warned about Google advertising promoting cryptocurrency-targeted phishing sites.