As of Friday, users have been targeted in a new form of digital fraud termed “sleepdropping,” with over $11.5 million stolen since December 2022, according to a research report by cybersecurity firms Forta Network and Blockfence. The scam involves sending seemingly legitimate ERC-1155 tokens, often disguised as non-fungible tokens (NFTs), to unsuspecting users.
The fraudsters’ strategy is to lure users to deceptive websites where they are tricked into authorizing transactions that ultimately transfer their assets into the hands of the scammers. Despite ongoing investigations, the identities of those behind this operation remain unknown.
The cybersecurity research identified more than 100 unique smart contracts associated with the scam, all displaying similar deployment patterns. These scams typically involve three main stages: first, the distribution of deceptive NFTs appearing to originate from credible sources; second, the creation of misleading websites; and finally, the deployment of malicious contracts that deceive users into parting with their funds.
Over half a million addresses have received these deceptive token airdrops so far, with over 20,000 users confirmed as victims. One noted example involved users receiving a counterfeit Lido NFT token disguised as a “badge” for claiming an airdrop.
The Lido token scam was particularly sophisticated as it seemed to come from an authentic smart contract that had previously issued an airdrop to early Lido stakers in 2021. The complexity of ERC token contracts allows them to be manipulated even when they are genuine.
The NFT itself does not pose a risk to a user’s wallet. However, if users believe the airdrop is genuine and interact with it, they may end up claiming malicious tokens on a fraudulent site.
This article was generated with the support of AI and reviewed by an editor. For more information see our T&C.