On December 6, a cryptocurrency user known as “LeftsideEmiri” on X shared that they had lost $300,000 after interacting with a fraudulent work meeting link.
In one thread, the individual described the incident as a social engineering attack, noting that they had not approved or signed any transactions.
$300,000 lost in an attack
“I thought it would never happen to me, but it did,” the user wrote, revealing that they had lost $300,000 from various portfolios. According to the victim, the incident started when they received a direct message on X that contained a KakaoTalk link, a popular messaging platform, for a scheduled collaboration discussion.
The user explained that he had clicked on the link, which appeared to be non-functional, leading them to dismiss it as harmless. However, they now believe he secretly installed malware that compromised their digital wallets.
Affected wallets include an Ethereum address and a Solana address, along with several others that were also depleted.
The attacker, identified by the username “0xQwerky” on X, allegedly transferred the stolen funds to a wallet linked to the BingX cryptocurrency exchange. LeftsideEmiri has asked the exchange to step in and potentially recover the stolen assets.
“If anyone can help in any way, it would be greatly appreciated,” the user pleaded. They also warned the crypto community to avoid clicking on job interview links or trusting unsolicited messages on social platforms.
Experts warn of increasing fishing threats
The incident comes as cybersecurity analysts predict an increase in cryptocurrency phishing scams during December.
According to security firm Web3 Scam Sniffer, phishing attacks in November resulted in losses of almost $9.4 million, with more than 9,200 investors affected. One notable case involved a victim who lost $661,000 in stETH in a matter of minutes, which the company described as the “tip of the iceberg.”
The platform warned that malicious blockchain signatures continue to pose the biggest threat to crypto users. Fraudsters use these techniques to trick people into signing fraudulent transactions, giving them full control over victims’ wallets and causing substantial financial losses.
In January 2024, a phishing scam led to the theft of $4.2 million from aEthWETH and aEthUNI. The attackers manipulated ERC-20 permissions to bypass security alerts and access the victim’s funds.
A more recent exploit in October saw a crypto investor lose 15,079 fwdETH, worth approximately $36 million, in a fishing permit scam. According to Scam Sniffer, the bad actor tricked the individual into signing a malicious signature, gaining unrestricted access to their funds.
SPECIAL OFFER (Sponsored) Binance Free $600 (Exclusive to CryptoPotato): Use this link to register a new account and receive an exclusive welcome offer of $600 to Binance (full details).
LIMITED OFFER for CryptoPotato readers on Bybit – Use this link to register and open a FREE $500 position with any currency!
Bitcoin 
Ethereum 
Tether 
XRP 
Solana 
BNB 
Dogecoin 
USDC 
Cardano 
Lido Staked Ether 
TRON 
Avalanche 
Chainlink 
Shiba Inu 
Wrapped stETH 
Toncoin 
Polkadot 
Sui 
Wrapped Bitcoin 
Stellar 
Hedera 
Uniswap 
Bitcoin Cash 
WETH 
Pepe 
Litecoin 
LEO Token 
NEAR Protocol 
Wrapped eETH 
Aptos 
Internet Computer 
Hyperliquid 
Ethena USDe 
Aave 
POL (ex-MATIC) 
USDS 
Ethereum Classic 
Cronos 
Render 
VeChain 
Artificial Superintelligence Alliance 
Bitget Token 
Bittensor 
Mantle 
Kaspa 
Arbitrum 
Filecoin 
MANTRA 
Algorand 
Monero