Anonymous hacker in a hood.

Crypto scammers impersonate Sony-backed Soneium blockchain to drain wallets

Written by
Edited by
Written on Oct 22, 2024
Reading time 3 minutes
  • Scammers are impersonating Sony's Soneium blockchain.
  • The fake site was promoted using Google ads.
  • Uniswap and Revoke Cash Crypto users have also been targeted by similar phishing schemes recently.

Follow Invezz on Telegram, Twitter, and Google News for instant updates >

Crypto scammers once again leveraged Google ads to target investors, this time masquerading as Sony’s blockchain platform Soneium, to drain crypto assets.

Advertisement

Are you looking for signals & alerts from pro-traders? Sign-up to Invezz Signals™ for FREE. Takes 2 mins.

According to blockchain security firm Scam Sniffer, a Google search for “someium” led users to a sponsored ad mimicking Soneium’s official website.

Advertisement

The ad directed users to a malicious site that drained crypto wallets by tricking visitors into signing transactions.

Scam Sniffer emphasised the importance of staying vigilant adding:

“Phishing always happens when you’re not paying attention, even if you mistakenly spell ‘soneium’ as ‘someium’.”

Soneium, Sony’s Ethereum layer-2 blockchain project, went live on its testnet in August.

Developed by Sony Block Solutions Labs in partnership with Startale Labs, Soneium uses OP Stack, a framework from Optimism Foundation, and incorporates Optimistic roll-up technology for off-chain processing of multiple transactions. 

The association with Sony has garnered a lot of attention among investors, making the project a target for scammers.

Based on past incidents, the phishing attack most likely targeted users via what is commonly referred to as approval phishing, where bad actors mislead users into signing malicious blockchain transactions often under the guise of fake apps and offers. 

When victims unknowingly sign these transactions, they transfer control of their assets to the scammers.

Per Scam Sniffer, the link used in the attack appeared as a regular ad on Google but directed users to a suspicious site under a different domain.

The website, reportedly for a radiology service in the UK, led users to an unfinished landing page running a crypto wallet drainer.

Scam Sniffer said in a statement that the fake website used sophisticated tactics to avoid detection by Google’s algorithms. 

Google ads have become a tool for crypto fraud in recent months. Last week, scammers set up a similar scheme to impersonate Uniswap’s new Ethereum layer-2 solution, Unichain. 

The fake site, unlchalindefi[.]com, mimicked Unichain’s interface but swapped out key buttons like “Get Started” and “Read the Docs” to deceive users.

When visitors connected their wallets, the site bombarded them with transaction requests, tricking them into approving transfers that emptied their accounts.

In September, scammers also targeted Revoke Cash Crypto users, redirecting them to a malicious website.

This led to further wallet compromises through harmful scripts embedded in the fake site.

Phishing attacks surge

Copy link to section

In its October report, Scam Sniffer revealed that over $46 million in cryptocurrency was stolen from 10,800 phishing scam victims during September.

One notable case involved an individual who lost 12,083 spWETH after signing a malicious permit. 

On average, phishing scams affected 11,000 victims per month during the third quarter of the year, with scammers making off with $127 million.

CertiK, another blockchain analytics company, also highlighted the surge in phishing attacks.

Its third-quarter report stated that phishing was responsible for $343.1 million in losses across 65 incidents, marking it as the most damaging form of crypto-related cybercrime during the period.

Advertisement

Other content you may like