Phishing scammers have replicated the websites of crypto media platform Blockworks and Ethereum blockchain scanner Etherscan to deceive unsuspecting users into connecting their wallets to a crypto drainer.
The fake Blockworks site featured a fabricated “BREAKING” news report on a supposed multimillion-dollar “approvals exploit” on the decentralised exchange Uniswap, guiding users to a fake Etherscan site for purported approval reversals.
The counterfeit Uniswap news article appeared on multiple crypto-related subreddits on Reddit, posted by Reddit accounts that appeared to be compromised.
The fraudulent Etherscan website, posing as a token and smart contract approval checker, serves as a wallet drainer. Blockchain security firm Beosin identified that the attacker aims to drain wallets with a minimum of 0.1 Ether (equivalent to $180), but the drainer is flawed, lacking a phishing transaction prompt after the wallet connection. Domain checks reveal that the fake Etherscan site, approvalscan.io, was registered on October 25, while the counterfeit Blockworks site, blockworks.media, was registered a day later. A separate incident involving a wallet drainer on a clone of crypto news outlet Decrypt was highlighted by anti-scam platform Scam Sniffer in an October 25 Twitter post, clarifying that distinct scammers manage the imitated Blockworks and Decrypt sites.