18 articles tagged with #phishing. AI-curated summaries with sentiment analysis and key takeaways from 50+ sources.
A fraudulent Ledger Live application was discovered on Apple's App Store, successfully impersonating the legitimate cryptocurrency wallet and draining approximately $9.5 million from dozens of users across multiple blockchains during a week-long phishing campaign before removal.
Operation Atlantic, a coordinated international law enforcement initiative involving the UK's National Crime Agency, US Secret Service, and Canadian authorities, has frozen over $12 million in cryptocurrency linked to phishing schemes and uncovered more than 20,000 victims. TRM Labs, a blockchain intelligence platform, partnered with law enforcement to identify and disrupt the criminal infrastructure behind these schemes.
Hacken's Q1 2026 report reveals $464.5 million in losses across 43 Web3 security incidents, with phishing attacks, legacy code vulnerabilities, and key compromises accounting for the majority of breaches. The findings underscore escalating security risks in cryptocurrency and decentralized finance as regulatory bodies intensify their focus on security standards.
American musician Garrett Dutton (G. Love) lost 5.9 BTC after unknowingly installing a counterfeit Ledger application from the App Store and entering his seed phrase. This incident highlights a critical vulnerability in app store security and demonstrates how even established platforms fail to prevent sophisticated impersonation attacks targeting cryptocurrency users.
Steakhouse Financial experienced a DNS hijacking attack on March 30, 2026, after attackers socially engineered OVHcloud support staff to disable hardware 2FA on the company's account. A phishing site using an Inferno Drainer kit remained active for approximately four hours, but the company confirmed no user funds were compromised, partly due to ICANN's five-day domain transfer lock preventing the attacker from completing the hijack.
Sears inadvertently exposed customer conversations with AI chatbots containing personal information and contact details to public web access. This security breach creates risks for customers by making their personal data available to potential scammers for phishing attacks and fraud.
The U.S., UK, and Canada have launched Operation Atlantic, a coordinated international law enforcement initiative to combat crypto approval-phishing scams. The operation specifically targets fraudulent schemes that exploit cryptocurrency approval mechanisms to deceive investors and steal funds.
Crypto theft patterns shifted in February as phishing attacks targeting individuals surpassed protocol exploits, with total losses dropping to $50 million compared to January's $385 million. The Step Finance hack alone accounted for $30 million of February's losses, while Bybit prevented over $300 million in unauthorized withdrawals in Q4 2023.
Coinbase, Microsoft and Europol successfully collaborated to shut down 'Tycoon 2FA', a major phishing-as-a-service operation. The service was responsible for 62% of phishing attempts blocked by Microsoft by mid-2024, including over 30 million malicious emails in a single month.
On June 23, 2024, hackers compromised the official Ethereum blog mailing list and sent phishing emails to 35,794 subscribers using the legitimate updates@blog.ethereum.org address. The malicious emails directed users to a fake website that ran crypto drainer malware in the background to steal users' cryptocurrency funds.
Smart contract wallets created using Ethereum Wallet Frontier version 0.4.0 (Beta 7) or earlier are vulnerable to phishing attacks. Wallets created with version 0.5.0 and later (released after March 3, 2016) are not affected, though the vulnerability has low likelihood but high severity.
A fake website impersonating CoinDCX, India's prominent cryptocurrency exchange, sparked fraud allegations and legal proceedings that ultimately resulted in a court ruling exonerating the legitimate platform. The case highlights the growing threat of domain spoofing and phishing attacks targeting crypto platforms and the legal complexities involved in distinguishing between genuine services and fraudulent imitations.
Cryptocurrency losses dropped 87% to $49 million in February according to Nominis, marking a significant decline in hack-related damages. However, attackers are shifting their strategies away from exploiting code vulnerabilities toward phishing and social engineering tactics that target users directly.
Cryptocurrency hacks declined significantly to $49 million in February following a January spike. However, security experts warn that attackers are increasingly shifting tactics toward phishing scams and exploiting wallet permissions rather than direct protocol attacks.
South Korean prosecutors sold $21.5 million worth of seized bitcoin after recovering the assets from a phishing attack. The cryptocurrency was originally lost to hackers last year but was recently returned to the prosecutors' wallet.
ClickFix hackers are using new tactics to target crypto users by impersonating venture capitalists and compromising the QuickLens platform. This technique has been gaining popularity among crypto attackers since 2024, expanding beyond cryptocurrency to target multiple industries.
February 2026 saw crypto hack losses drop to just $26.5 million across 15 incidents, representing a 69% decline from January and the lowest monthly figure in 11 months. Two major attacks on YieldBlox ($10M) and IoTeX ($9M) accounted for over 70% of total losses, while improved security standards and AI-powered monitoring tools are helping reduce vulnerabilities.
South Korean prosecutors have successfully recovered $22 million worth of Bitcoin that was previously lost to phishing site operators. This represents a significant recovery of stolen cryptocurrency assets through law enforcement action.
