In a significant blow to the cryptocurrency market, a phishing scam executed just hours ago has resulted in a staggering loss of $35 million, following a fraudulent permit signature incident.
The rise of cryptocurrency-related scams continues unabated, with the total amount stolen through scams in the third quarter of 2024 reaching a concerning $127 million, and $46 million in just September alone. Despite advancements in security measures, scammers are evolving their tactics, leading to an increase in phishing scams.
The latest incident involved a cybercriminal who successfully swindled $35 million worth of fwDETH tokens from an unsuspecting victim, who fell prey after clicking on a malicious “permit” signature link.
Details of the Attack
The attack was reported on X by Lookonchain, which detailed how a significant amount of fwDETH, totaling 15,079 tokens and valued at approximately $36 million, was lost within moments. This event serves as a stark reminder of the importance of vigilance in the crypto space.
“Crazy! Someone (probably related to @ContinueFund) lost 15,079 fwDETH (worth $36M) by signing a ‘permit’ phishing signature 6 hours ago!” Lookonchain tweeted. They advised users to refrain from clicking on unknown links and to verify any signatures before approval.
As investigations unfold, the hacker’s wallet address has been identified as 0x0605edee6a8b8b553cae09abe83b2ebeb75516ec, which was used to liquidate the stolen funds. The victim, linked to Continue Fund—a venture capital firm investing in crypto projects—has become a recent casualty of phishing schemes, a frequent issue in the Web3 space.
Scam Mechanics
The phishing scheme appears to have exploited temporary token spender addresses generated using the CREATE2 function, a technique that complicates detection for average users and investors.
Following this incident, the crypto community has felt the ripple effects. A separate user, Roffett.eth, noted the significant liquidity issues and price declines resulting from the swift liquidation of fwDETH tokens by the scammer.
Other Victims and the Broader Impact
The fallout from such scams extends beyond individual losses. Various decentralized finance (DeFi) protocols, including PAC Finance and Orbit Finance, are also experiencing disruptions due to the recent fwDETH sell-off, although these platforms have yet to issue official statements.
Another alarming case was highlighted by Scam Sniffer, a Web3 security firm, revealing that 10,800 individuals have fallen victim to similar phishing attacks. One such victim lost $32.43 million worth of spWETH tokens, underscoring the pervasiveness of these threats.
Phishing scams often trick users into connecting their crypto wallets to fraudulent websites or services, allowing scammers to withdraw funds without further authentication. The subtleties of these scams make them particularly challenging to identify, increasing the vulnerability of users.
Contrasting Market Opportunities
Despite these alarming security concerns, the cryptocurrency market also presents opportunities for significant profits. Recently, a trader managed to gain $3.37 million within just a month, illustrating the volatility and potential of crypto trading.
Concluding Insights
According to CertiK, the third quarter of 2024 saw a cumulative loss of $753 million due to various crypto scams, with phishing attacks alone accounting for $127 million of that total. The recent $35 million loss due to a phishing scam is a stark reminder of the risks associated with cryptocurrency investments. As the price of fwDETH and the businesses relying on it face uncertainty, experts warn that liquidity issues may continue to affect the market.
Related topics:
South Korea’s Financial Services Commission Launches Investigation into Upbit
Ethereum ICO Whale Dumps 6K ETH: Is a Price Correction Ahead?
