Domain Security Reports

Search our database of flagged domains. Check if a website is a scam, phishing, or legitimate.

0
Total Tracked
0
Detected
0
Content Alive
0
Content Dead
0
VT Pending
WalletConnect Abuse
HIGH THREAT

Understanding and Combating WalletConnect Abuse

WalletConnect Abuse represents a significant threat, with 1,667 domains detected and 555 currently active. PhishDestroy has identified top TLDs including .com, .app, and .xyz, and leading registrars such as NICENIC INTERNATIONAL GROUP CO., LIMITED.

1,670
Domains Detected
HIGH
Threat Level

How This Attack Works

WalletConnect Abuse involves deceptive tactics to exploit users of cryptocurrency platforms. Understanding these steps can help in prevention.

STEP 1
Creation of Fake Domains
Attackers create fake domains that mimic legitimate cryptocurrency platforms to lure victims.
STEP 2
Deployment of Phishing Pages
Phishing pages are set up on these domains to capture user credentials and wallet information.
STEP 3
Execution of Malicious Code
JavaScript and other scripting languages are used to execute malicious code that intercepts user data.
STEP 4
Unauthorized Transactions
Stolen credentials are used to authorize transactions, draining victims’ wallets.

Technical Analysis

WalletConnect Abuse often involves the creation of phishing sites that mimic popular cryptocurrency service providers. Attackers use sophisticated scripts to manipulate the WalletConnect protocol, intercepting the authentication process. This includes the use of JavaScript to capture private keys and signatures when users attempt to connect their wallets. Infrastructure-wise, attackers frequently utilize content delivery networks like Cloudflare to host phishing sites, taking advantage of high availability and speed. Additionally, smart contracts are sometimes manipulated to automatically approve transactions that transfer funds to the attacker’s address without the victim's explicit consent.

Real Cases

The Opensea Phishing Incident (2024)
$2 million stolen
A phishing campaign targeting Opensea users resulted in significant financial losses and credential theft.
Vercel App Scam (2023)
$1.5 million stolen
Attackers used fake Vercel app domains to trick users into revealing wallet information, leading to unauthorized access.
Marketplace-Art Fraud (2024)
$3 million stolen
Fraudulent marketplace-art domains were used to deceive users into connecting their wallets, resulting in asset theft.

How to Detect

Unfamiliar domain names mimicking legitimate services
Requests for private keys or seed phrases
Unexpected transaction requests
Poor website design or misspellings
Limited or no HTTPS security

How to Protect Yourself

1 Always verify domain authenticity
2 Enable two-factor authentication
3 Use hardware wallets for transactions
4 Regularly update security software
5 Educate yourself on common phishing tactics

Frequently Asked Questions

What is WalletConnect Abuse?
WalletConnect Abuse involves exploiting the WalletConnect protocol to trick users into revealing their cryptocurrency wallet credentials through phishing tactics.
How much money has been stolen through WalletConnect Abuse?
To date, WalletConnect Abuse has resulted in millions of dollars in losses, with specific incidents causing damages ranging from $1.5 million to $3 million.
How do I protect myself from WalletConnect Abuse?
Verify domain authenticity, use two-factor authentication, and employ hardware wallets for added security against phishing attacks.
What should I do if I'm a victim of WalletConnect Abuse?
Report the incident to your wallet provider, change passwords immediately, and contact local authorities or a cybersecurity expert for assistance.
Data sourced from PhishDestroy threat intelligence database — 1,670 domains tracked for this threat type
Wallet Connect Abuse — Threat Intelligence Protocol Abuse High Threat
1,670
Domains
784
Alive
826
Taken Down
6.9
Avg VT
46.9%
Alive Rate
92.9%
Detected
Since Mar 2024 878 domains with VT ≥ 5
WalletConnect Abuse 1,670 domains
solana-incinerator.pro
11 VTUnknownSolana
solcard-cc.netlify.app
11 VTUnknownWalletConnect
solget.fun
11 VTUnknownacross
soniclabs.vote
11 VTUnknownWalletConnect
tesnetmonad.xyz
11 VTLivediscord
uai.wasegem.com
11 VTLivemetamask
uk099.vip
11 VTUnknownEthereum
uni.v4dexapps.top
11 VTUnknownaave
vooi-app.org
11 VTUnknown
vote-hyprstr.votings.workers.dev
11 VTLivedebridge
voting-punksauction.com
11 VTParkedWalletConnect
wasegem.com
11 VTLive
web.bp-nxbd.com
11 VTLiveaave
wlfimemecoin.com
11 VTLivedexscreener
www.bituniswap.com
11 VTUnknownUniswap
www.blockchaincheck.us
11 VTLiveBlockchain.com
www.lawsgrouponline.com
11 VTLiveacross
activate.pcrairdrop.com
10 VTLiveAirdrop Scam
airdrop-plasma.top
10 VTLiveAirdrop Scam
airdrop.ten.claims
10 VTUnknownAirdrop Scam
airdrops-soniclabs.org
10 VTLiveAirdrop Scam
amlchebot.app
10 VTLivelinkedin
amlforte.pro
10 VTUnknownarbitrum
app-kyberswap.com
10 VTUnknownacross
app-pudgypenguins.xyz
10 VTUnknownsolana
app.wasegem.com
10 VTUnknownsolana
apple-sale.com
10 VTLiveApple
appondo.xyz
10 VTLiveWalletConnect
asterdexlive.xyz
10 VTUnknownbnb chain
bcsolver-77n10wf9kk.edgeone.dev
10 VTUnknownaave
bimodal-oxeliteoriginator.web.app
10 VTUnknownWalletConnect
bnb.connectweb3c.io
10 VTLivebinance
bob-mainnet-37o0si2us-distributed-crafts.vercel.app
10 VTLiveacross
bob-sepolia-5r3ytp9gg-distributed-crafts.vercel.app
10 VTLiveacross
bob-sepolia-gbxuamav0-distributed-crafts.vercel.app
10 VTLiveacross
borroefinance-ai.web.app
10 VTUnknown
bridge.usduc.io
10 VTUnknownEthereum
campaundfenence.org
10 VTLivechainlink
checker-eul.xyz
10 VTUnknowndiscord
claim-humidifi.org
10 VTUnknownacross
claim-mon.app
10 VTUnknownmonad
claim.monrad.xyz
10 VTLivemonad
claimairdropfree.biz
10 VTUnknownWalletConnect
claims-irys.org
10 VTUnknownWalletConnect
cryptoriskscanner.com
10 VTLivecsgo
czasters-allocations.xyz
10 VTLive
dasdas.elysium-drainer.world
10 VTLiveWalletConnect
defire-solutions.pages.dev
10 VTLiveWalletConnect
dex-support-desk.netlify.app
10 VTUnknownWalletConnect
eligibility-grass.org
10 VTUnknownfoundation
espresso-portal.app
10 VTCF BannedWalletConnect
eth-burner.xyz
10 VTLiveethereum
eth-mining-global.top
10 VTUnknown
fcboft.cc
10 VTUnknownWalletConnect
fiwnfa.cc
10 VTUnknownSei
get-moonday.org
10 VTUnknownacross
heymintgate.com
10 VTLivearbitrum
hiouyuiyhfguyih.com
10 VTUnknownaave
hoimesai.xyz
10 VTLiveWalletConnect
j-dex-v1.app
10 VTUnknowndiscord
ktaliveclaim.xyz
10 VTLiveacross
lab-airdrop.xyz
10 VTLiveWalletConnect
lido-drop.web.app
10 VTUnknownLido
lighter-airdrops.xyz
10 VTUnknowncoinbase
lightxrs.com
10 VTUnknownHTX
linenetworkclaim.xyz
10 VTUnknownlinea
live-hyperxliquid.xyz
10 VTUnknownHyperliquid
login-ai-deus.pages.dev
10 VTLivemetamask
mining1104.94bm.com
10 VTLivefoundation
miranetwork-live.xyz
10 VTLiveManta
mlv.retaileth.com
10 VTUnknown
monad.gmagents.ai
10 VTLivemonad
neuuihahhashkey.top
10 VTLiveethereum
pan-wallet-v3.app
10 VTUnknownacross
pancakeswapairdrop.com
10 VTUnknownPancakeSwap
peth.top
10 VTUnknownEthereum
register-espresso.app
10 VTCF BannedWalletConnect
retikclaim.web.app
10 VTLiveacross
reward-snortertoken.com
10 VTUnknowndextools
rewards-lighter.xyz
10 VTLivebase
smartprotocolfix.web.app
10 VTUnknown
sol-gets.xyz
10 VTUnknownSolana
swap-jupag-v4.com
10 VTUnknownjupiter
the-warplets.live
10 VTLivecsgo
token-luna.com
10 VTUnknownamazon
ttzqiv.top
10 VTUnknownWalletConnect
uniswap-web3.com
10 VTLiveUniswap
walletanalytics.netlify.app
10 VTLive
web-git-develop.pancake.run
10 VTUnknownPancakeSwap
webchainresolver.web.app
10 VTUnknownWalletConnect
www.neuuihahhashkey.top
10 VTLive
ybribe.com
10 VTLivecompound
aethircloud-proposal.net
9 VTLivediscord
airdrop-hyperliquids.xyz
9 VTUnknownaave
airdrop-lighter.sbs
9 VTLivebase
airdrops-pendle.finance
9 VTUnknownPendle
amlcrypto.help
9 VTUnknownAMLBot
amlpremium.top
9 VTLivetelegram
app-jupiter-swap.org
9 VTUnknownJupiter
app-ratex.org
9 VTCF Bannedbackpack
« Prev 2 3 4 5 6 7 8 Next » Page 5 of 17