Search our database of flagged domains. Check if a website is a scam, phishing, or legitimate.

0
Total Tracked
0
Detected
0
Content Alive
0
Content Dead
0
VT Pending
WalletConnect Abuse
HIGH THREAT

Understanding and Combating WalletConnect Abuse

WalletConnect Abuse represents a significant threat, with 1,667 domains detected and 555 currently active. PhishDestroy has identified top TLDs including .com, .app, and .xyz, and leading registrars such as NICENIC INTERNATIONAL GROUP CO., LIMITED.

1,672
Domains Detected
HIGH
Threat Level

How This Attack Works

WalletConnect Abuse involves deceptive tactics to exploit users of cryptocurrency platforms. Understanding these steps can help in prevention.

STEP 1
Creation of Fake Domains
Attackers create fake domains that mimic legitimate cryptocurrency platforms to lure victims.
STEP 2
Deployment of Phishing Pages
Phishing pages are set up on these domains to capture user credentials and wallet information.
STEP 3
Execution of Malicious Code
JavaScript and other scripting languages are used to execute malicious code that intercepts user data.
STEP 4
Unauthorized Transactions
Stolen credentials are used to authorize transactions, draining victims’ wallets.

Technical Analysis

WalletConnect Abuse often involves the creation of phishing sites that mimic popular cryptocurrency service providers. Attackers use sophisticated scripts to manipulate the WalletConnect protocol, intercepting the authentication process. This includes the use of JavaScript to capture private keys and signatures when users attempt to connect their wallets. Infrastructure-wise, attackers frequently utilize content delivery networks like Cloudflare to host phishing sites, taking advantage of high availability and speed. Additionally, smart contracts are sometimes manipulated to automatically approve transactions that transfer funds to the attacker’s address without the victim's explicit consent.

Real Cases

The Opensea Phishing Incident (2024)
$2 million stolen
A phishing campaign targeting Opensea users resulted in significant financial losses and credential theft.
Vercel App Scam (2023)
$1.5 million stolen
Attackers used fake Vercel app domains to trick users into revealing wallet information, leading to unauthorized access.
Marketplace-Art Fraud (2024)
$3 million stolen
Fraudulent marketplace-art domains were used to deceive users into connecting their wallets, resulting in asset theft.

How to Detect

Unfamiliar domain names mimicking legitimate services
Requests for private keys or seed phrases
Unexpected transaction requests
Poor website design or misspellings
Limited or no HTTPS security

How to Protect Yourself

1 Always verify domain authenticity
2 Enable two-factor authentication
3 Use hardware wallets for transactions
4 Regularly update security software
5 Educate yourself on common phishing tactics

Frequently Asked Questions

What is WalletConnect Abuse?
WalletConnect Abuse involves exploiting the WalletConnect protocol to trick users into revealing their cryptocurrency wallet credentials through phishing tactics.
How much money has been stolen through WalletConnect Abuse?
To date, WalletConnect Abuse has resulted in millions of dollars in losses, with specific incidents causing damages ranging from $1.5 million to $3 million.
How do I protect myself from WalletConnect Abuse?
Verify domain authenticity, use two-factor authentication, and employ hardware wallets for added security against phishing attacks.
What should I do if I'm a victim of WalletConnect Abuse?
Report the incident to your wallet provider, change passwords immediately, and contact local authorities or a cybersecurity expert for assistance.
Data sourced from PhishDestroy threat intelligence database — 1,672 domains tracked for this threat type
Wallet Connect Abuse — Threat Intelligence Protocol Abuse Active Threat
1,672
Domains
269
Alive
1,331
Taken Down
6.9
Avg VT
16.1%
Alive Rate
93.1%
Detected
Since Mar 2024 882 domains with VT ≥ 5
WalletConnect Abuse 1,672 domains
Screenshot of hyperkpa.com
hyperkpa.com
8 VTUnknown
Screenshot of hyperkpa.com
hyperkpa.com
Screenshot of ibtc-migration.xyz
ibtc-migration.xyz
8 VTUnknownBitcoin
Screenshot of ibtc-migration.xyz
ibtc-migration.xyz
Screenshot of juip-ag.top
juip-ag.top
8 VTUnknowndiscord
Screenshot of juip-ag.top
juip-ag.top
Screenshot of jutroen.app
jutroen.app
8 VTUnknownAptos
Screenshot of jutroen.app
jutroen.app
Screenshot of keetanetclaimer.xyz
keetanetclaimer.xyz
8 VTUnknownacross
Screenshot of keetanetclaimer.xyz
keetanetclaimer.xyz
Screenshot of labs-apy.com
labs-apy.com
8 VTUnknownspark
Screenshot of labs-apy.com
labs-apy.com
Screenshot of mantra-dex.net
mantra-dex.net
8 VTUnknownWalletConnect
Screenshot of mantra-dex.net
mantra-dex.net
Screenshot of mindshare-bitdealer.org
mindshare-bitdealer.org
8 VTUnknowntelegram
Screenshot of mindshare-bitdealer.org
mindshare-bitdealer.org
Screenshot of monadfinance.xyz
monadfinance.xyz
8 VTLivemonad
Screenshot of monadfinance.xyz
monadfinance.xyz
Screenshot of options-polymarket.com
options-polymarket.com
8 VTLiveapple
Screenshot of options-polymarket.com
options-polymarket.com
Screenshot of paluclaimer.xyz
paluclaimer.xyz
8 VTUnknownbinance
Screenshot of paluclaimer.xyz
paluclaimer.xyz
Screenshot of proposals-trillions.info
proposals-trillions.info
8 VTLivegoogle
Screenshot of proposals-trillions.info
proposals-trillions.info
Screenshot of pudgy.pro
pudgy.pro
8 VTUnknownEthereum
Screenshot of pudgy.pro
pudgy.pro
Screenshot of register-cysicfoundation.org
register-cysicfoundation.org
8 VTUnknownWalletConnect
Screenshot of register-cysicfoundation.org
register-cysicfoundation.org
Screenshot of rewards-lido.live
rewards-lido.live
8 VTUnknownLido
Screenshot of rewards-lido.live
rewards-lido.live
Screenshot of rseth.org
rseth.org
8 VTUnknownkelp
Screenshot of rseth.org
rseth.org
Screenshot of sol-flow.live
sol-flow.live
8 VTUnknowndiscord
Screenshot of sol-flow.live
sol-flow.live
Screenshot of solsnipez.com
solsnipez.com
8 VTLivediscord
Screenshot of solsnipez.com
solsnipez.com
Screenshot of solvemultiprotocol.xyz
solvemultiprotocol.xyz
8 VTLiveacross
Screenshot of solvemultiprotocol.xyz
solvemultiprotocol.xyz
Screenshot of swap-jupag-v4.com
swap-jupag-v4.com
8 VTUnknownjupiter
Screenshot of swap-jupag-v4.com
swap-jupag-v4.com
Screenshot of swiftrectifyrequestprompt.pages.dev
swiftrectifyrequestprompt.pages.dev
8 VTLiveacross
Screenshot of swiftrectifyrequestprompt.pages.dev
swiftrectifyrequestprompt.pages.dev
Screenshot of talus-foundatlon.xyz
talus-foundatlon.xyz
8 VTUnknownWalletConnect
Screenshot of talus-foundatlon.xyz
talus-foundatlon.xyz
Screenshot of terminal-finance.com
terminal-finance.com
8 VTUnknownWalletConnect
Screenshot of terminal-finance.com
terminal-finance.com
Screenshot of testnetwork.icu
testnetwork.icu
8 VTUnknowntelegram
Screenshot of testnetwork.icu
testnetwork.icu
Screenshot of trustwallet-com-verify.bnb-txn.xyz
trustwallet-com-verify.bnb-txn.xyz
8 VTUnknownTrust Wallet
Screenshot of trustwallet-com-verify.bnb-txn.xyz
trustwallet-com-verify.bnb-txn.xyz
Screenshot of ultradex.finance
ultradex.finance
8 VTLive
Screenshot of ultradex.finance
ultradex.finance
Screenshot of upstorys.net
upstorys.net
8 VTUnknownethereum
Screenshot of upstorys.net
upstorys.net
Screenshot of virtual-vote.votings.workers.dev
virtual-vote.votings.workers.dev
8 VTUnknown
Screenshot of virtual-vote.votings.workers.dev
virtual-vote.votings.workers.dev
Screenshot of vote-giza.votings.workers.dev
vote-giza.votings.workers.dev
8 VTUnknown
Screenshot of vote-giza.votings.workers.dev
vote-giza.votings.workers.dev
Screenshot of vote-maplefi.xyz
vote-maplefi.xyz
8 VTLiveacross
Screenshot of vote-maplefi.xyz
vote-maplefi.xyz
Screenshot of www.hypertliquid.com
www.hypertliquid.com
8 VTCF Bannedacross
Screenshot of www.hypertliquid.com
www.hypertliquid.com
Screenshot of xlkndza.squidvr.com
xlkndza.squidvr.com
8 VTUnknownWalletConnect
Screenshot of xlkndza.squidvr.com
xlkndza.squidvr.com
Screenshot of xn--claim-lghter-yfb.xyz
xn--claim-lghter-yfb.xyz
8 VTUnknown
Screenshot of xn--claim-lghter-yfb.xyz
xn--claim-lghter-yfb.xyz
Screenshot of zerosbase.pages.dev
zerosbase.pages.dev
8 VTLiveOKX
Screenshot of zerosbase.pages.dev
zerosbase.pages.dev
Screenshot of aghov.top
aghov.top
7 VTUnknownaave
Screenshot of aghov.top
aghov.top
Screenshot of agokclaim.xyz
agokclaim.xyz
7 VTLivediscord
Screenshot of agokclaim.xyz
agokclaim.xyz
Screenshot of airdrop-boundless.app
airdrop-boundless.app
7 VTUnknownAirdrop Scam
Screenshot of airdrop-boundless.app
airdrop-boundless.app
Screenshot of airdrop.odzaar.xyz
airdrop.odzaar.xyz
7 VTLivediscord
Screenshot of airdrop.odzaar.xyz
airdrop.odzaar.xyz
Screenshot of alloca.org
alloca.org
7 VTUnknownmonad
Screenshot of alloca.org
alloca.org
Screenshot of aml-tracker.info
aml-tracker.info
7 VTUnknownlinkedin
Screenshot of aml-tracker.info
aml-tracker.info
Screenshot of amlrated.net
amlrated.net
7 VTUnknownWalletConnect
Screenshot of amlrated.net
amlrated.net
Screenshot of amnziax.space
amnziax.space
7 VTLivecoinbase
Screenshot of amnziax.space
amnziax.space
Screenshot of app-stable.xyz
app-stable.xyz
7 VTLiveceler
Screenshot of app-stable.xyz
app-stable.xyz
Screenshot of app.monadmainnet.xyz
app.monadmainnet.xyz
7 VTUnknownacross
Screenshot of app.monadmainnet.xyz
app.monadmainnet.xyz
Screenshot of appwalletconnect.wixstudio.com
appwalletconnect.wixstudio.com
7 VTUnknownWalletConnect
Screenshot of appwalletconnect.wixstudio.com
appwalletconnect.wixstudio.com
Screenshot of asterdex-eligibility.com
asterdex-eligibility.com
7 VTUnknownbnb chain
Screenshot of asterdex-eligibility.com
asterdex-eligibility.com
Screenshot of asterdex-s2.com
asterdex-s2.com
7 VTCF Bannedbnb chain
Screenshot of asterdex-s2.com
asterdex-s2.com
Screenshot of avirpc.top
avirpc.top
7 VTUnknownaave
Screenshot of avirpc.top
avirpc.top
Screenshot of aztec-voting.com
aztec-voting.com
7 VTLiveethereum
Screenshot of aztec-voting.com
aztec-voting.com
Screenshot of bakeryswa-p.web.app
bakeryswa-p.web.app
7 VTUnknownWalletConnect
Screenshot of bakeryswa-p.web.app
bakeryswa-p.web.app
Screenshot of bnb-32.cc
bnb-32.cc
7 VTUnknownWalletConnect
Screenshot of bnb-32.cc
bnb-32.cc
Screenshot of bob-mainnet-lu3oz5ft3-distributed-crafts.vercel.app
bob-mainnet-lu3oz5ft3-distributed-crafts.vercel.app
7 VTUnknown
Screenshot of bob-mainnet-lu3oz5ft3-distributed-crafts.vercel.app
bob-mainnet-lu3oz5ft3-distributed-crafts.vercel.app
Screenshot of boundless-zkc.xyz
boundless-zkc.xyz
7 VTUnknownAirdrop Scam
Screenshot of boundless-zkc.xyz
boundless-zkc.xyz
Screenshot of brevis-zkats.xyz
brevis-zkats.xyz
7 VTUnknown
Screenshot of brevis-zkats.xyz
brevis-zkats.xyz
Screenshot of chainmultcoin.com
chainmultcoin.com
7 VTUnknownWalletConnect
Screenshot of chainmultcoin.com
chainmultcoin.com
Screenshot of checker-asters.com
checker-asters.com
7 VTUnknownacross
Screenshot of checker-asters.com
checker-asters.com
Screenshot of claim-ethgas.xyz
claim-ethgas.xyz
7 VTLiveacross
Screenshot of claim-ethgas.xyz
claim-ethgas.xyz
Screenshot of claim-fleek.xyz
claim-fleek.xyz
7 VTUnknowndiscord
Screenshot of claim-fleek.xyz
claim-fleek.xyz
Screenshot of claim-ofc.site
claim-ofc.site
7 VTUnknownacross
Screenshot of claim-ofc.site
claim-ofc.site
Screenshot of claim-talus.org
claim-talus.org
7 VTUnknownWalletConnect
Screenshot of claim-talus.org
claim-talus.org
Screenshot of claims-grass.com
claims-grass.com
7 VTLive
Screenshot of claims-grass.com
claims-grass.com
Screenshot of claims-talus.org
claims-talus.org
7 VTCF Bannedfoundation
Screenshot of claims-talus.org
claims-talus.org
Screenshot of connectcopy.pro
connectcopy.pro
7 VTUnknownSolana
Screenshot of connectcopy.pro
connectcopy.pro
Screenshot of def999.net
def999.net
7 VTUnknownWalletConnect
Screenshot of def999.net
def999.net
Screenshot of defidapp-protocol.firebaseapp.com
defidapp-protocol.firebaseapp.com
7 VTUnknownBase
Screenshot of defidapp-protocol.firebaseapp.com
defidapp-protocol.firebaseapp.com
Screenshot of dropsbot.click
dropsbot.click
7 VTUnknownacross
Screenshot of dropsbot.click
dropsbot.click
Screenshot of eligibility-overtake.org
eligibility-overtake.org
7 VTUnknownacross
Screenshot of eligibility-overtake.org
eligibility-overtake.org
Screenshot of ethena-fi.click
ethena-fi.click
7 VTLiveWalletConnect
Screenshot of ethena-fi.click
ethena-fi.click
Screenshot of ethlineabuild.com
ethlineabuild.com
7 VTUnknownLinea
Screenshot of ethlineabuild.com
ethlineabuild.com
Screenshot of fatty-ae.web.app
fatty-ae.web.app
7 VTLivebnb chain
Screenshot of fatty-ae.web.app
fatty-ae.web.app
Screenshot of fedxexpress.store
fedxexpress.store
7 VTUnknownarbitrum
Screenshot of fedxexpress.store
fedxexpress.store
Screenshot of fqhofa.cc
fqhofa.cc
7 VTUnknown
Screenshot of fqhofa.cc
fqhofa.cc
Screenshot of fukzfb.cc
fukzfb.cc
7 VTUnknownWalletConnect
Screenshot of fukzfb.cc
fukzfb.cc
Screenshot of getbafe.xyz
getbafe.xyz
7 VTUnknownacross
Screenshot of getbafe.xyz
getbafe.xyz
Screenshot of gigglepartners.xyz
gigglepartners.xyz
7 VTUnknownmetamask
Screenshot of gigglepartners.xyz
gigglepartners.xyz
Screenshot of goatnetwork.app
goatnetwork.app
7 VTUnknownWalletConnect
Screenshot of goatnetwork.app
goatnetwork.app
Screenshot of harambeaiclaim.web.app
harambeaiclaim.web.app
7 VTUnknown
Screenshot of harambeaiclaim.web.app
harambeaiclaim.web.app
Screenshot of hodlerinsights.app
hodlerinsights.app
7 VTUnknownacross
Screenshot of hodlerinsights.app
hodlerinsights.app
Screenshot of jameshigher-allocations.xyz
jameshigher-allocations.xyz
7 VTLiveWalletConnect
Screenshot of jameshigher-allocations.xyz
jameshigher-allocations.xyz
Screenshot of kyofinance.org
kyofinance.org
7 VTUnknownfoundation
Screenshot of kyofinance.org
kyofinance.org
Screenshot of lenvopro.com
lenvopro.com
7 VTUnknowncoinbase
Screenshot of lenvopro.com
lenvopro.com
Screenshot of mantra-dex.ink
mantra-dex.ink
7 VTLiveWalletConnect
Screenshot of mantra-dex.ink
mantra-dex.ink
Screenshot of memecoinsupport.org
memecoinsupport.org
7 VTParked1inch
Screenshot of memecoinsupport.org
memecoinsupport.org
Screenshot of multcoinprotocol.net
multcoinprotocol.net
7 VTLiveWalletConnect
Screenshot of multcoinprotocol.net
multcoinprotocol.net
Screenshot of multiresolvechain.firebaseapp.com
multiresolvechain.firebaseapp.com
7 VTUnknownBase
Screenshot of multiresolvechain.firebaseapp.com
multiresolvechain.firebaseapp.com
Screenshot of onchainscore.site
onchainscore.site
7 VTLivecoinbase
Screenshot of onchainscore.site
onchainscore.site
Screenshot of pepe-fund.net
pepe-fund.net
7 VTUnknowncoingecko
Screenshot of pepe-fund.net
pepe-fund.net
Screenshot of pmlcoin.app
pmlcoin.app
7 VTUnknownWalletConnect
Screenshot of pmlcoin.app
pmlcoin.app
Screenshot of polymarket-elon-tracker.com
polymarket-elon-tracker.com
7 VTUnknownacross
Screenshot of polymarket-elon-tracker.com
polymarket-elon-tracker.com
Screenshot of proposals-aster.com
proposals-aster.com
7 VTUnknownacross
Screenshot of proposals-aster.com
proposals-aster.com
Screenshot of proposals-asters.com
proposals-asters.com
7 VTUnknownacross
Screenshot of proposals-asters.com
proposals-asters.com
Screenshot of proposals-maplefi.com
proposals-maplefi.com
7 VTUnknownacross
Screenshot of proposals-maplefi.com
proposals-maplefi.com
Screenshot of propsoal-mantle.xyz
propsoal-mantle.xyz
7 VTUnknownMantle
Screenshot of propsoal-mantle.xyz
propsoal-mantle.xyz
Screenshot of register.cysicfoundation.org
register.cysicfoundation.org
7 VTUnknownAirdrop Scam
Screenshot of register.cysicfoundation.org
register.cysicfoundation.org
Screenshot of revoke-curve.com
revoke-curve.com
7 VTUnknownCurve
Screenshot of revoke-curve.com
revoke-curve.com
Screenshot of rpcve.top
rpcve.top
7 VTUnknownaave
Screenshot of rpcve.top
rpcve.top
Screenshot of snapshot-brevis.network
snapshot-brevis.network
7 VTLive
Screenshot of snapshot-brevis.network
snapshot-brevis.network
Screenshot of sol-core.pro
sol-core.pro
7 VTUnknownbase
Screenshot of sol-core.pro
sol-core.pro
Screenshot of symbi0sis.finance
symbi0sis.finance
7 VTUnknownacross
Screenshot of symbi0sis.finance
symbi0sis.finance
Screenshot of testnet.heliosportal.live
testnet.heliosportal.live
7 VTUnknown
Screenshot of testnet.heliosportal.live
testnet.heliosportal.live
« Prev 4 5 6 7 8 9 10 Next » Page 7 of 17