According to the blockchain detective ZachXBT's monitoring, De.Fi, a Web3 antivirus software, reported suspicious activity related to the email [email protected]. Users are advised not to interact with it for now. The team is working to resolve the issue. Official emails are sending a large number of phishing links to users.

Web3 communication protocol WalletConnect stated on social media that they had noticed an email that appeared to have been sent from an email address associated with WalletConnect, prompting the recipient to open a link to claim an airdrop. WalletConnect stated that this email was not directly issued by WalletConnect or any associated companies and that the link appears to lead to a malicious website. They are currently working with Blockaid to conduct further investigation.

Scam Sniffer monitoring data shows that the address that lost tokens worth $4.2 million due to a phishing attack earlier has been hacked again, with 158 ETH stolen. SlowMist Cosmos pointed out that the victim's address did not timely revoke authorization, and aEthWETH in AAVE was continuously pressured to the limit by the fisherman, triggering liquidation. Each time there is excess aEthWETH that can continue to be transferred away, and then pushed to the edge of liquidation, and so on repeatedly. There is a contradiction between privacy protection and timely notification.

Scam Sniffer stated that a user lost 1,041,122 US dollars worth of stETH approximately 40 minutes ago after signing a malicious ERC20 permission signature on a phishing website.

The Chief Security Information Officer of SlowMist, @IM_23pds, posted on social media to warn about the risk of phishing through Telegram chatbots. Recently, SlowMist and Cosmos have discovered that chatbots are being used for automated phishing through private messaging. The chatbots will automatically message users saying "Your TG Telegram account has been detected as abnormal, the system will cancel it. Please go to the Security Assistant (@****) for removal." If users believe this message and reply with their real information, their Telegram account will be stolen. Please be aware of this security risk.

SlowMist founder Yu Xian tweeted that crypto-phishing gangs are now targeting non-EVM chains. A phishing website can now not only steal assets from various mainstream EVM chains, but also from Solana, Tron, and other chains.All functions are integrated into one phishing script, with intelligent switching and a smoother user experience, ensuring that no fish is missed.

Scam Sniffer posted on X platform that wallet drainer has expanded its attack range to Ethereum, Solana, and Tron, not just limited to EVM chains. Users are advised to stay vigilant. About a week ago, they noticed a phishing website that includes the ability to steal different types of wallets.Founder of SlowMist, Yu Xian, commented on this: "Crypto phishing groups have started to target non-EVM chains. Now, a phishing website can not only steal assets from major EVM chains, but also from Solana, Tron, and other chains... it's probably coming to the BTC ecosystem soon. All features are integrated into one phishing script, with smart switching and increasingly smooth user experience, ensuring that no fish is missed."

According to Dune data, Pinkdrainer, a cryptocurrency phishing scam team, has accumulated more than $18 million in fraud and over 9,000 victims.

Scam Sniffer has reported that someone lost approximately 6.38 WBTC (about $280,000) due to a phishing scam on the internet about 2 hours ago.

According to official CertiK sources, the X account was briefly stolen and hackers had previously posted false messages with phishing links. Currently, the CertiK X account has been restored to normal and all previous false messages have been deleted.