Security expert Plumferno highlighted on Twitter that fraudulent emails, appearing to originate from the BlockFi restructuring team, are offering affected users the opportunity to withdraw their remaining balances, allegedly related to an update on their court case.
Creditors of these troubled exchanges have been anticipating reimbursements since a New Jersey bankruptcy court approved BlockFi’s plan to fully refund Wallet customers in October 2023.
Exploiting the frustrations of creditors, scammers have managed to accumulate at least $7 million worth of digital assets and NFTs.
Pink Drainer, identified as a threat group primarily focused on phishing, targets cryptocurrency investors.
Furthermore, Plumferno noted that some creditors may be unaware that they are falling victim to theft.
“The most alarming aspect of this scam is that the majority of the assets were stolen from dormant wallets—individuals likely affected by the BlockFi bankruptcy who haven’t accessed their funds since,” the analyst wrote.
This email scam has also affected FTX creditors. Emails appearing legitimate from FTX claim that the company is undergoing “restructuring efforts” and is allowing all users to withdraw their assets fully.
Plumferno revealed that the perpetrators utilized compromised emails from a data breach at Mailer Lite in January.
“It is highly probable that these emails are linked to the MailerLite database breach in January,” Plumferno noted. “This is evident because the same sender information is present in both the fake BlockFi and FTX emails.”
The blockchain investigator first identified the scam after noticing a sudden increase of nearly $4.5 million in Ether entering the scammers’ wallet last week.
Reports indicate that the scammers also obtained blue-chip NFTs, including Mutant Apes and Otherdeed.