As a seasoned researcher with a decade-long journey delving into the complex world of cybersecurity and blockchain technology, I find myself deeply troubled by the recent $35 million heist that rocked the DeFi landscape. The intricacies of this attack are a chilling reminder of how the digital frontier can be as treacherous as it is promising.
More recently, a cyberattack occurred where a hacker successfully extracted $35 million worth of fwdETH from an unsuspecting user’s wallet. This was achieved by the user unwittingly approving a malevolent “authorization” signature, which ultimately allowed the attacker to empty their digital wallet. The unfortunate outcome resulted in a substantial decrease in the value of fwdETH due to this large-scale withdrawal.
The hacker did not stop there. Further examination by cryptocurrency detectives found that the hacker rapidly sold off the stolen fwdETH from their address. This quick sale significantly lowered the price of dETH, which in turn created chaos across numerous Decentralized Finance (DeFi) platforms such as PAC Finance and Orbit Finance, both of which heavily rely on dETH.
Preliminary findings suggest that the culprit behind the transfer of stolen funds is located at the address 0x0605edee6a8b8b553cae09abe83b2ebeb75516ec. Meanwhile, the victim’s wallet, recognized as 0xeab23cfe3776adf45e2e3dc56bcf739f6e0a393, was breached through a “permit” signature vulnerability, a technique frequently employed in Web3 phishing scams. This approach is growing more prevalent.
As a researcher, I’ve been closely observing the recent market events. Roffett.eth’s tweet shed light on a significant incident: the abrupt sale of fwdETH triggered a domino effect, impacting liquidity and stability within dETH-tied protocols. The unanticipated price fluctuations have left some of these protocols grappling with the aftermath, trying to navigate through the turbulence.
Scam Sniffer explained that the strategy employed by the attacker involved creating temporary token spender addresses through the use of the CREATE2 function, which makes it difficult to identify and detect these attacks. This revelation has sparked concern within the wider cryptocurrency community, as there are growing worries about the increasing complexity of phishing tactics specifically aimed at DeFi users.
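A wallet-side check that follows from the "permit" signature and CREATE2 spender described above, as an added example that is not from the article or from Scam Sniffer: it screens an EIP-712 signing request, assumed here to be an EIP-2612 style Permit, and flags a spender that has no deployed code yet. The allowlist, the `getCode` stub (standing in for an `eth_getCode` lookup), the 24-hour deadline threshold and the sample request are all constructed for illustration.

```javascript
// Added example: screen an EIP-712 signing request for risky Permit fields.
// Field names follow EIP-2612; the allowlist and getCode lookup are hypothetical.
const MAX_UINT256 = (1n << 256n) - 1n;

function screenPermit(request, { knownSpenders, getCode, now }) {
  const findings = [];
  if (request.primaryType !== "Permit") return findings; // not a permit request
  const { spender, value, deadline } = request.message;
  const addr = String(spender).toLowerCase();

  if (!/^0x[0-9a-f]{40}$/.test(addr)) {
    findings.push("malformed-spender");
    return findings;
  }
  if (!knownSpenders.has(addr)) findings.push("unknown-spender");
  // A CREATE2 address can be computed before anything is deployed there, so a
  // spender with empty code has no contract to inspect and no history to match.
  const code = getCode(addr);
  if (code === "0x" || code === "") findings.push("spender-has-no-code");
  if (BigInt(value) === MAX_UINT256) findings.push("unlimited-allowance");
  // Assumed threshold: a deadline more than 24 hours out keeps the signature usable for long.
  if (BigInt(deadline) - BigInt(now) > 86400n) findings.push("long-deadline");
  return findings;
}

// Constructed sample request (addresses and values are made up for the example).
const sampleRequest = {
  primaryType: "Permit",
  domain: { name: "ExampleToken", chainId: 1, verifyingContract: "0x" + "11".repeat(20) },
  message: {
    owner: "0x" + "22".repeat(20),
    spender: "0x" + "33".repeat(20),
    value: MAX_UINT256.toString(),
    nonce: "0",
    deadline: "1893456000",
  },
};

const ctx = {
  knownSpenders: new Set(["0x" + "44".repeat(20)]), // hypothetical allowlist
  getCode: () => "0x", // stub for eth_getCode: nothing deployed at the spender
  now: 1728636780, // constructed current time, in seconds
};

console.log(screenPermit(sampleRequest, ctx));
```

An externally owned account also returns empty code, so the `spender-has-no-code` finding is a reason to stop and review rather than proof of a CREATE2 address.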
Ring protocol and Orbit protocol have not given any public statement regarding the incident.
2024-10-11 08:53