'Ronin Wallet' Pop-Up Scam

The 'Ronin Wallet' pop-up scam is in essence a phishing scheme. The fraudsters aim to obtain users' wallet credentials for Ronin, a blockchain project utilized by the popular online game Axie Infinity. At the end of March 2022, Ronin become the victim of one of the largest thefts of cryptocurrency with the threat actors being able to obtain over 173 thousand Ether tokens and 25.5 million USD coin tokens. The total worth of the collected tokens at the time surpassed $600 million.

As for the 'Ronin Wallet' pop-up scam, it displays either genuine Ronin imagery or close approximations in an attempt to appear as a legitimate Ronin wallet page associated with the project. In addition, users will be presented with a button labeled 'I already have a secret recovery phrase. Import wallet.' Pressing the button will trigger a redirect to a dedicated phishing portal.

Users will now be asked to import their existing Ronin wallets by inputting their seed phrases (also known as passphrases) and confirming their passwords. Following the instructions will expose the entered information and make it available to the scammers. With the user's credentials in hand, the scammers could take over the associated crypto-wallet account and siphon out any funds found there. The scammers could also attempt to exploit the acquired data to expand their reach and compromise additional accounts belonging to the user such as emails, social media accounts, app subscriptions and more.