- A significant phishing attack led to a loss of $24.23 million in stETH and rETH from a well-experienced crypto user’s address.
- The victim was tricked into signing an “increase allowance” transaction, which allowed the scammers to gain token approval.
- The stolen assets were converted into Ethereum and DAI and dispersed across multiple addresses, indicating a highly planned operation.
In a recent development, Wu Blockchain has revealed that a significant phishing attack occurred today, affecting a well-experienced crypto user. According to Scam Sniffer, a Web3 security firm, the victim’s address, 0×13…179e, lost $24.23 million in stETH and rETH. This incident is considered one of the largest crypto phishing cases ever recorded.
The victim fell prey to the scam by signing an “increase allowance” transaction, granting the fraudsters token approval. Subsequently, the scammers converted the stolen assets into Ethereum (ETH) and DAI and dispersed them across multiple addresses. This sophisticated maneuver indicates high planning and execution for the criminals involved.
Moreover, the victim is not a novice in the crypto space. The address 0×13…179e has a rich history of on-chain activities and is a large liquidity provider (LP). Specifically, the address has provided WBTC/USDT liquidity of over $1.6 million on Uniswap V3. Additionally, the protocols used by this address include well-known names like Aave, 1inch, Curve, OMG, and EOS.
As per Wu Blockchain this deposit was also associated with Bitfinex exchange:
The earliest transaction linked to this address could be traced back to June 2017 and originated from Bitfinex, a cryptocurrency exchange. This extensive background underscores the alarming fact that even seasoned crypto users are susceptible to advanced phishing attacks.
In a parallel development, a report identified a surge in scams that targeted MetaMask users in various countries. This news raises significant concerns, given that MetaMask is one of the most popular Ethereum-based crypto wallets. The increase in scams highlights the vulnerabilities in the crypto space and underscores the need for enhanced security measures to protect digital assets.
The issue goes beyond individual or group scammers. Various governments have reportedly played a role in redirecting their citizens to counterfeit websites through their official portals. These counterfeit sites then request access to the users’ MetaMask wallets, putting them at high risk of losing their digital assets. This governmental involvement adds a layer of complexity to the problem, making it even more challenging for users to navigate the crypto landscape safely.