Crypto user loses $7.8 million in SolvBTC as phishing scams surge on social media
Sophisticated social engineering and malware tactics hike crypto phishing scams on social media.
A phishing attack resulted in a crypto user losing $7.8 million worth of SolvBTC, a wrapped Bitcoin product created by Solv Protocol.
On Dec. 11, blockchain security firm Scam Sniffer highlighted the incident and shed further light on the evolving sophistication of such scams.
How the attack unfolded
According to Scam Sniffer, the victim unknowingly signed a phishing transaction, which triggered a direct asset transfer to an address pre-computed using Ethereum’s CREATE2 opcode.
Scam Sniffer explained that attackers leveraged CREATE2 to predict contract addresses before deployment.
This tactic bypasses wallet security alerts by generating new temporary addresses for each malicious signature. After the victim signs the transaction, the attacker deploys a contract at the designated address and drains the wallet.
The CREATE2 opcode, often used in legitimate applications like Uniswap to deploy Pair contracts, is now being exploited in wallet-draining schemes.
Rising scams
Scam Sniffer also warned of a growing trend of crypto scams on the social media platform X.
In the first week of December, the number of fake crypto accounts surged to over 300 daily, compared to 160 in November. Many of these accounts impersonate influencers to lure victims into joining fraudulent Telegram groups.
Once users join these groups, they are asked to verify their identities using a bot called OfficialSafeguardBot. The bot creates a false sense of urgency, pressuring victims to complete the process quickly.
During verification, the bot secretly injects malicious PowerShell code into the victim’s clipboard. If executed, the code downloads malware designed to compromise the user’s system and crypto wallets.
Scam Sniffer noted that the malware, flagged by VirusTotal, has already led to multiple confirmed cases of private key theft. The security firm described this as a new phase in crypto scams, where attackers combine phishing tactics with advanced social engineering and malware deployment.
Mentioned in this article
Disclaimer: The content of this article solely reflects the author's opinion and does not represent the platform in any capacity. This article is not intended to serve as a reference for making investment decisions.
You may also like
New spot margin trading pair — ERA/USDT!
Launchpool - Unique ERA Event: Stake BTC ETH for a Chance to Win a 10% APR Boost
Bitget to support loan and margin functions for select assets in unified account
ERAUSDT now launched for futures trading and trading bots
Trending news
MoreCrypto prices
More
