As a seasoned analyst with years of experience in the cryptocurrency market, I can’t help but feel a sense of deja vu when reading about yet another case of a trader falling victim to an approval phishing attack. It seems like these scams have become as commonplace as bitcoin whales in the sea of digital assets.
A trader suffered a significant loss, amounting to more than $1.28 million, when they executed a harmful authorization for the transfer of cryptocurrencies.
Based on information from PeckShieldAlert, it is reported that a cryptocurrency user fell victim to a phishing scam on October 14, resulting in the loss of approximately 108 billion PEPE, 73.8 million APU, and 165,000 MSTR tokens. This unfortunate incident occurred when the user unwittingly authorized a fraudulent transaction by signing a permit signature.
0xb0b8…40c7 is an address that has been emptied of approximately $1.28 million in cryptocurrencies, including 108 billion PEPE tokens, 73.8 million APU tokens, and 165 thousand MSTR tokens. This occurred after the owner signed a fraudulent permit for phishing. The phishing address Fake_Phishing442846 is associated with scammers who have stolen around $32 million in total…— PeckShieldAlert (@PeckShieldAlert) October 14, 2024
Here’s one way to rephrase that sentence in natural and easy-to-read language:
Among the listed addresses, one dubbed “Fake_Phishing442846” was implicated in a separate incident about two weeks back. This incident resulted in a substantial loss for an affected wallet, with over $32 million in spWETH tokens being drained following the execution of a suspect transaction with similar malicious intent.
Currently, a blockchain analysis company known as Arkham has revealed that the latest attack was carried out with Inferno Drainer – a versatile service offering cryptocurrency scams across multiple chains. Given this information, it’s plausible to assume that the perpetrators of the recent attack may have utilized this scam toolkit as well.
For the uninitiated, Inferno Drainer functions as a paid service for cybercriminals, providing them with tools to construct deceptive websites and software applications. These tools are designed to mislead users into relinquishing control of their digital wallets. The developers levy a 30% fee on the creation of these phishing sites and an additional 20% for each successful scam they execute.
So far, Inferno Drainer has focused on swindling numerous cryptocurrency initiatives, successfully pocketing approximately $237,775,036 from more than 200,000 unsuspecting victims according to Dune analytics. On November 26, 2023, the developers declared their intention to permanently shut down the service. Yet, in May 2024, the toolkit re-emerged due to a resurgence of interest from its clients.
đź“Ł Here’s some news that might not exactly bring joy… Inferno Drainer has resumed operations once again.
— Plum (@Plumferno) May 20, 2024
Phishing attacks have become a growing threat in the cryptocurrency space, with one of the leading reasons behind victims’ losses being approval phishing attacks. According to an August report by Chainalysis, these attacks have siphoned off over $2.7 billion since 2021.
Last week, it is said that a digital wallet connected to a venture capital firm experienced a loss of approximately $35 million in fwDETH tokens following the execution of a questionable permission signature.
For the third quarter, CertiK’s security analysis identified phishing as the most harmful type of attack, causing approximately $343.1 million in damages across 65 separate instances.
Read More
Sorry. No data so far.
2024-10-14 11:50