Search our database of flagged domains. Check if a website is a scam, phishing, or legitimate.
0
Загальна кількість відстежених
0
Detected
0
«Content Alive»
0
Вміст не працює
0
VT — у процесі розгляду
How This Attack Works
WalletConnect Abuse involves deceptive tactics to exploit users of cryptocurrency platforms. Understanding these steps can help in prevention.
STEP 1
Creation of Fake Domains
Attackers create fake domains that mimic legitimate cryptocurrency platforms to lure victims.
STEP 2
Deployment of Phishing Pages
Phishing pages are set up on these domains to capture user credentials and wallet information.
STEP 3
Execution of Malicious Code
JavaScript and other scripting languages are used to execute malicious code that intercepts user data.
STEP 4
Unauthorized Transactions
Stolen credentials are used to authorize transactions, draining victims’ wallets.
Technical Analysis
WalletConnect Abuse often involves the creation of phishing sites that mimic popular cryptocurrency service providers. Attackers use sophisticated scripts to manipulate the WalletConnect protocol, intercepting the authentication process. This includes the use of JavaScript to capture private keys and signatures when users attempt to connect their wallets. Infrastructure-wise, attackers frequently utilize content delivery networks like Cloudflare to host phishing sites, taking advantage of high availability and speed. Additionally, smart contracts are sometimes manipulated to automatically approve transactions that transfer funds to the attacker’s address without the victim's explicit consent.
Real Cases
The Opensea Phishing Incident (2024)
$2 million stolen
A phishing campaign targeting Opensea users resulted in significant financial losses and credential theft.
Vercel App Scam (2023)
$1.5 million stolen
Attackers used fake Vercel app domains to trick users into revealing wallet information, leading to unauthorized access.
Marketplace-Art Fraud (2024)
$3 million stolen
Fraudulent marketplace-art domains were used to deceive users into connecting their wallets, resulting in asset theft.
How to Detect
Unfamiliar domain names mimicking legitimate services
Requests for private keys or seed phrases
Unexpected transaction requests
Poor website design or misspellings
Limited or no HTTPS security
How to Protect Yourself
1
Always verify domain authenticity
2
Enable two-factor authentication
3
Use hardware wallets for transactions
4
Regularly update security software
5
Educate yourself on common phishing tactics
Frequently Asked Questions
Data sourced from PhishDestroy threat intelligence database — 1,655 domains tracked for this threat type
WalletConnect Abuse 1,655 domains


rewards-soracles.com


scope.rocketlauncher.gg


service-usdt.org


signup-pepes.com


signup-sends.info


spacepay.live


squid-bridge.com


stake.vianxy.online


sudbbtoken.com


sushiswap.click


swiftwalletvalidation.web.app


tapcoin.app


tcomglobal-airdrop.xyz


tct-tectum.org


tensorusd.com


tradetide.org


trendsfun-git-feature-jupiter-swap-takoprotocol.vercel.app


trendsfun-git-feature-new-12-api-takoprotocol.vercel.app


truemoney.finance


trust-whitebridge.live


trustwallet-miner.com


tsa-presale-oppurtunity.web.app


turbotrump.info


twt17.top


ultradex.live


unich-quest.com


vaultblockchain.ink


verifusdt.com


vote-gaibai.com


vote-manyushib.com


vote-tokensworks-com.pages.dev


votes-onbeams.com


votes-trovemarkets.pages.dev


voting-redstones.com


vwavanguard.com


walletconnects-wnt.hf.space


web.illuvium.icu


wojakwhales.com


www.4onbsc.com


www.amlbot-audit.app


www.batchrevoker.xyz


www.checks-secure.com


www.dare.market


www.defigap.app


www.magicmoni.xyz


www.notpad.fun


www.wlfipad.top


www.xmaquina-verify.com


x2h3q-jaaaa-aaaan-qmwdq-cai.icp0.io


xlaunch-pad.firebaseapp.com


0-cz.com


2heg6-2aaaa-aaaap-qbl3q-cai.icp0.io


2jglw-bqaaa-aaaap-qbl2q-cai.icp0.io


aava.pages.dev


agicoin.vip


airdrop-boundless.site


airdrop-mmt.com


airdrop.clashofgalaxies.com


airdrop.ethena-early-access.claims


airdrop.firachain.com


airdrop.inflora.cloud


airdrop.liquify.ventures


airdrop.riftswap.net


airdrop.sheetchain.com


airdrop.sonicsvn.com


airdropnesaratoken.com


airdroptool.dev


almanak-tge.com


amerany.com


aml-infos.com


aml-tools.com


aml.ink


amlbot-trackers.com


amlookcheck.com


amlrating.tech


anichess-tge.com


animalfarm3app.com


anny-airdrop.com


apelloweb3.gg


app-hyperliquidl.cam


app.ray.sx


appethos-invite.network


apptea-fi.com


aragon-vote.com


auth-sammm.quboid.app


auth-westside.quboid.app


award-yieldusd.com


base.meme


bitcoinhyperpresale.com


bnb-real.hivehubs.app


bob-sepolia-q8djryial-distributed-crafts.vercel.app


bobonbsc.com


bonuses-zkpass.com


boostmypi.com


boundless.eligibility.ink


brevis-tge.com