Phishing ads were discovered on the Etherscan blockchain explorer website
Scam Sniffer suggested that the cause of the large-scale phishing campaign was a lack of oversight by ad aggregators
08.04.2024 - 13:05
1397
3 min
0
What’s new? X user under the nickname McBiblets has discovered that some ads on the Etherscan blockchain explorer website for the Ethereum blockchain were phishing ads, and warned against clicking through to the fraudulent pages. Further investigation revealed that the ads appearing on Etherscan were also displayed on known phishing websites.
What else is known? Experts at analytics platform Scam Sniffer found that phishing ads had spread beyond Etherscan and began appearing on popular search engines such as Google, Bing, DuckDuckGo, and X. The company suggested that the lack of oversight by ad aggregators was the reason for the massive phishing campaign:
“Etherscan aggregates ads from platforms like Coinzilla and Persona, where insufficient filtering could lead to exposure to phishing attempts.”
The essence of the scheme is that users are lured to fake websites and offered to connect crypto wallets. Fraudsters can then withdraw funds to personal addresses without user authentication or authorization.
SlowMist’s chief information security officer also issued a warning about phishing ads on Etherscan.
Etherscan already experienced a similar situation in 2022. Back then, malicious banners were also found on the website of crypto market data aggregator CoinGecko and other industry analytical portals.
In February, Blockaid experts reported that the Angel Drainer phishing group stole $403 000 from 128 crypto wallets using Etherscan to hide the malicious nature of smart contracts. The scammers deployed the malicious Protocol Safe (formerly Gnosis Safe) contract to create a “false sense of security” as Etherscan automatically adds a verification flag to confirm the legitimacy of the contract.
Scam Sniffer reported that crypto users lost nearly $47 million to phishing attacks during February this year. The Ethereum blockchain accounted for 78% of the total number of thefts.
Useful material?
Telegram 
Twitter Incidents
The company is linking the incident to a compromised private key on a service wallet, rather than a smart contract exploit
May 22, 2026
Incidents
Following the incident, the project temporarily halted trading operations and node activity.
May 15, 2026
Incidents
The user spent weeks unsuccessfully trying to guess the password until Claude helped find an old wallet backup file
May 14, 2026
Crypto regulations
Authorities are introducing mandatory registration for companies handling cross-border crypto transactions
May 8, 2026
Incidents
According to Blockaid, the attack may have been carried out by the same hacker behind the 1inch Fusion V1 exploit.
May 7, 2026
Incidents
The attacker gained administrative access and altered contracts to drain user funds
Apr 30, 2026
Cryptocurrency rates
-
Bitcoin
$62 197
BTC
-7.28%
-
Ethereum
$2 551.16
ETH
+3.56%
-
BNB Smart Chain
$579.4
BSC
+1.23%
-
Ripple
$1.15
XRP
-7.56%
-
TRON
$0.160134
TRX
-1.59%
-
Dogecoin
$0.087152
DOGE
-7.39%
-
Zcash
$530.07
ZEC
-10.5%
-
Cardano
$0.188419
ADA
-13.13%
-
Stellar XLM
$0.204714
XLM
-10.45%
-
Polkadot
$3.32
DOT
+5.27%