A new alert from blockchain security firm, PeckShield revealed, that a cryptocurrency investor lost approximately $24.23 million worth of digital tokens in “one of the largest phishing attacks” in recent history.
On September 7, PeckShield took to X, revealing the gargantuan phishing attack that drained a staggering 9,579 stETH and 4,851 rETH from the crypto whale. stETH is the Lido staked Ethereum (ETH) token, while the Rocket Pool staked Ethereum token is rETH.
#PeckShieldAlert A whale fell victim to a #phishing attack, losing $24.24M worth of cryptos, including ~4,851 $rETH and 9,579.2 $stETH.
The phisher has already swapped these $rETH and $stETH for ~13,785 $ETH and 1.64M $DAI.
A portion of the $DAI (~451K $DAI) has already been… pic.twitter.com/3jPTJWeqw4
— PeckShieldAlert (@PeckShieldAlert) September 7, 2023
According to Web3 security firm, Scam Sniffer, the whale wallet victim with the address 0x13e3 gave the token approvals to the scammer by signing “increaseAllowance” transactions. These stolen funds initially landed in two addresses, namely 0x693b72 and 0x4c10a4.
However, the scammer swiftly transferred the ill-gotten funds to his wallet, converting the stolen stETH and rETH into ETH worth roughly $22.5 million, and 1.64 million DAI and transferred them to three different wallet addresses. Scam Sniffer labeled the attack as probably “the largest amount ever stolen from a single victim.”
the victim gave the token approvals to the scammer by signing "increaseAllowance" transactions.https://t.co/li9LfzKH0M
— Scam Sniffer (@realScamSniffer) September 7, 2023
As per initial investigations, it seems the victim accessed a cryptocurrency website containing a phishing link or maybe a scam of some sort. During the transaction signing process, they may have unknowingly fallen victim to the fraudster, resulting in the substantial loss of stETH and rETH.
The investigation not only linked the fraudulent wallet to this incident but also found associations with multiple cryptocurrency scam websites in the past. The evaluation tool rated the attacker’s wallet with a “severe” score of 100, indicating a high likelihood of malicious activity.
Although the victim’s identity remains undisclosed, their transaction history indicates a seasoned liquidity provider with substantial on-chain experience. This wallet has operated since 2017 and currently facilitates over $1.6 million in WBTC/USDT liquidity on the Uniswap V3 platform.
Phishing Attack Surges Nearly 40%
Over the recent past, phishing-related attacks have become more common and increasingly sophisticated in the cryptocurrency space. According to cybersecurity firm Kaspersky, the financial threat landscape has seen significant changes with cryptocurrency phishing attacks surging by 40% in just one year.
1/ Update: The terra(dot) money domains have successfully been frozen to prevent further user phishing scams, but a full resolution is still underway.
Please read the following 🧵 for more information 👇
— Terra 🌍 Powered by LUNA 🌕 (@terra_money) August 22, 2023
Recently, Terra Blockchain temporarily suspended its website after it was compromised due to a phishing scam that was targeting unsuspecting users on the platform. In March, a leading blockchain-based gaming platform, The Sandbox issued a warning regarding a security breach specifying that a phishing email was sent to some users.
The Web3 gaming platform said the email contained hyperlinks that could be used to install malware on the user’s computer granting it control over the machine and giving access to the user’s personal information.
