Recent Cryptocurrency Scams and Digital Thefts
In a distressing series of incidents, cryptocurrency users have fallen prey to sophisticated scams and digital thefts that have netted criminals millions of dollars in just a few days. An alarming report from ScamSniffer, an anti-fraud team, revealed that on August 15, a single victim lost a staggering 140 ETH, valued at roughly $636,500, after inadvertently copying a fraudulent address from their compromised transfer history.
Crypto Address Poisoning
This phenomenon, known as crypto address poisoning, occurs when scammers create nearly identical wallet addresses. They send trivial transactions from these address look-alikes to lure users into mistakenly using them for future transfers.
Cointelegraph recently highlighted another significant case from August 10, where an individual suffered an $880,000 loss in a similar scam. Additional reports detail two other victims, with losses of $80,000 and $62,000, respectively. Collectively, these scams have accounted for over $1.6 million in losses within a mere five-day window.
Phishing Schemes
Beyond address poisoning, ScamSniffer noted that users have reported losing at least $600,000 this past week due to falling for phishing schemes. These schemes commonly involve signing malicious requests such as ‘approve,’ ‘increaseAllowance,’ or ‘permit.’ Just on August 12, an individual lost BLOCK and DOLO tokens valued at $165,000 due to these types of deceptive actions.
Deceptive Marketplaces and Malware
Compounding the troubles, on August 11, an investigation by F6 analysts uncovered a scheme aimed at Russian consumers, featuring a deceptive marketplace promoting free cryptocurrency tied to a popular toy, Labubu. To engage with this phony promotion, victims were lured into connecting their crypto wallets. Upon connection, the malicious site sought access to users’ balance and transaction history, further requesting permissions to validate participation in an airdrop. Victims unwittingly allowed the transfer of their funds to the fraudster’s accounts based on these permissions.
Scammers previously utilized the Labubu brand to conduct account thefts via Telegram, where victims were baited with chances to win the toy or receive it for submitting reviews. This tactic also resulted in users divulging personal information and codes that ultimately led to losing their accounts.
Further compounding the situation, Kaspersky Lab reported a surge in thefts linked to a malware dubbed the Efimer Trojan. This malware spreads via compromised WordPress sites, torrents, and email, and targets individuals by collecting credentials for subsequent spam campaigns. The attackers often employ torrent files as bait, leading users to download malicious files disguised as harmless software. Reports indicate that 5,015 users fell victim to the Efimer Trojan between October 2024 and July 2025, with the majority of attacks occurring in countries like India, Spain, Russia, Italy, and Germany.
Cybersecurity Breaches
In a separate yet alarming incident, hackers gained control of vital operating systems at a Norwegian dam, manipulating the system to open water release valves. The breach—which occurred in April but was disclosed publicly in August—allowed over 7.2 million liters of water to escape before operators could intervene. Beate Gangos, chief of the Norwegian police security service, indicated that this act served more as an exhibition of the hackers’ prowess rather than a deliberate effort to cause significant damage.
Additionally, a prominent cybersecurity researcher, Harness Eaton Zveare, revealed vulnerabilities in the online dealer portal of a well-known automobile manufacturer, potentially exposing sensitive customer information and allowing for remote vehicle hacking. Zveare managed to bypass the portal’s login system entirely, creating a new administrator account that provided him access to over 1,000 dealerships across the United States. He managed to demonstrate how such vulnerabilities could permit linking any vehicle to a user’s mobile account, potentially allowing control over features from the app, including vehicle door locks—although he refrained from testing the capability to drive away with a vehicle. This revelation underscores the growing risks associated with technology in both the cryptocurrency and automotive sectors.
