A significant phishing attack on Tuesday resulted in a cryptocurrency investor, known as "0x13e382", losing approximately $24.23 million worth of liquid staked Ethereum, including 4,851 rETH and 9,579 stETH. The theft is considered one of the largest ever from a single victim, according to Web3 security firm Scam Sniffer.
The firm revealed that the victim had unknowingly approved token transactions to the scammers by signing “increaseAllowance” transactions. The stolen funds initially landed in two addresses, 0x693b72 and 0x4c10a4, with some assets later moved to the Fixed Float exchange and others to three distinct addresses.
Interestingly, one of the addresses linked to this fraudulent activity, particularly 0x4c10a4, is associated with numerous cryptocurrency phishing websites and has been active since May 21. Despite the victim's identity remaining undisclosed, their transaction history suggests they are a seasoned liquidity provider with substantial on-chain experience. This wallet has been operating since 2017 and currently facilitates over $1.6 million in WBTC/USDT liquidity on the Uniswap V3 platform.
The recent event underscores the ongoing threat of phishing scams in cryptocurrency, even amid a bear market. According to cybersecurity experts at Kaspersky, crypto-related phishing scams have increased by 40% year-on-year.
On September 6, cybersecurity firm Group-IB warned of a major phishing threat actor called “W3LL”. The threat actor operates a hidden underground market selling tools designed to bypass Microsoft (NASDAQ:MSFT) 365 multifactor authentication (MFA). Between October 2022 and July 2023, over 56,000 accounts were compromised. Experts warned that these tools signal a dangerous new era of sophisticated “adversary-in-the-middle” phishing attacks designed to bypass MFA that will be hard to detect.
This article was generated with the support of AI and reviewed by an editor. For more information see our T&C.