A Million-Dollar Signature: A New Kind of Crypto Attack

Man

Smart Contract Vulnerability Used to Steal $35 Million

Cryptocurrency scams continue to rise despite efforts to improve security and authentication methods. In the third quarter of 2024, fraudsters stole $127 million, of which $46 million was stolen in September alone. The recent incident was one of the largest attacks in the cryptocurrency world: $35 million was stolen as a result of a phishing attack.

This case demonstrates the growing popularity of phishing scams. Previously, the most common type of attack was the "pig butchering" scheme, which the Commodity Futures Trading Commission (CFTC) actively fought against. Now, phishing attacks are coming to the fore.

The latest attack was carried out through a malicious signature link; the victim lost 15,079 fwDETH, tokens worth about $35 million. The funds were lost instantly after the owner of the wallet signed a permit through a phishing link. According to analytical platforms, the attacker has already managed to sell the stolen tokens, causing serious liquidity problems and a decrease in the price of fwDETH.

The attacker's address was identified as 0x0605edee6a8b8b553cae09abe83b2ebeb75516ec, and the victim's wallet, 0xeab23cfe3776adf45e2e3dc56bcf739f6e0a393, probably belongs to the venture capital firm Continue Fund, which invests in crypto projects. The hackers likely used temporary token addresses generated via the CREATE2 feature, making such attacks difficult to detect.

This case is not an isolated one. Previously, another user lost 12,083 spWETH, worth $32 million, in a similar signature phishing attack. In total, according to Scam Sniffer, more than 10,800 people have already been affected by such phishing attacks.

Phishing link scams remain among the most difficult to detect. Attackers trick users into connecting their crypto wallets to fake services, after which the scammers can withdraw all funds without additional authentication.

According to CertiK, in the third quarter of 2024, the cryptocurrency market lost $753 million as a result of various attacks, of which $127 million was due to phishing scams.
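
A wallet-side check for the permit signatures described above, as an added example that is not part of the original post. It assumes the signing request is EIP-712 typed data with the ERC-2612 `Permit` fields (`spender`, `value`, `deadline`); the policy object, finding labels, one-day threshold and sample requests are constructed for illustration.

```javascript
// Added example: triage an EIP-712 signing request before the owner signs it.
// Assumption: ERC-2612 "Permit" message layout (owner, spender, value, nonce, deadline).
const MAX_UINT256 = (1n << 256n) - 1n;
const ONE_DAY = 86400n; // hypothetical policy threshold, in seconds

function reviewSigningRequest(request, policy) {
  // Wallets often receive the typed data as a JSON string.
  const typedData = typeof request === "string" ? JSON.parse(request) : request;
  if (typedData.primaryType !== "Permit") return []; // not an allowance grant
  const msg = typedData.message || {};
  let amount, deadline;
  try {
    amount = BigInt(msg.value);
    deadline = BigInt(msg.deadline);
  } catch (err) {
    return ["malformed-permit"]; // refuse rather than guess at missing fields
  }
  const findings = [];
  const spender = String(msg.spender).toLowerCase();
  // A signed permit lets the spender move tokens later with no further prompt.
  if (!policy.trustedSpenders.has(spender)) findings.push("spender-not-allowlisted");
  if (amount === MAX_UINT256) findings.push("unlimited-allowance");
  else if (amount >= policy.balance) findings.push("allowance-covers-full-balance");
  if (deadline - BigInt(policy.now) > ONE_DAY) findings.push("long-lived-deadline");
  return findings;
}

// Constructed sample data (placeholder addresses, not taken from the incident).
const TRUSTED = "0x" + "aa".repeat(20);
const UNKNOWN = "0x" + "bb".repeat(20);
const policy = {
  trustedSpenders: new Set([TRUSTED]),
  balance: 1000n * 10n ** 18n, // owner's token balance in base units
  now: 1700000000,             // current Unix time
};
const permit = (spender, value, deadline) => ({
  primaryType: "Permit",
  domain: { name: "ExampleToken", chainId: 1 },
  message: { owner: "0x" + "cc".repeat(20), spender, value, nonce: "0", deadline },
});
const suspicious = permit(UNKNOWN, MAX_UINT256.toString(), "1900000000");
const routine = permit(TRUSTED, (5n * 10n ** 18n).toString(), "1700003600");

console.log(reviewSigningRequest(suspicious, policy));
console.log(reviewSigningRequest(routine, policy));
```
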
