As a seasoned researcher who has witnessed the evolution of cybercrime over the past few years, I can’t help but feel a sense of dread when reading about these sophisticated phishing attacks in the Web3 ecosystem. The recent $55 million Dai token heist is yet another grim reminder that the digital frontier, while promising, remains a hotbed for malicious activities.
A high-profile cryptocurrency investor has lost approximately $55 million worth of Dai tokens in a recent phishing scam, highlighting the increasing sophistication and prevalence of such attacks within the Web3 community.
Attack Details
Based on information from blockchain analysis firm Lookonchain and cybersecurity specialists at CertiK, a phishing scheme was masterminded by the entity known as “Fake_Phishing187019.” This cunning individual managed to steal approximately 55 million Dai tokens by taking advantage of weaknesses in externally owned accounts (EOAs), which function similarly to traditional bank accounts and can be vulnerable if not adequately protected.
The unauthorized access took place on August 20, 2024, at 5:40:47 PM UTC. The attacker tricked the victim into approving a seemingly harmless transaction. The victim did not notice that the transaction covertly transferred control of DSProxy #166,776 to an address associated with phishing activities. This deceptive transaction paved the way for the eventual theft of the Dai tokens.
Laundering Stolen Funds
After taking over the compromised vault, the attacker quickly minted and withdrew the stolen tokens. The funds were then laundered through a sequence of intricate transactions. Initially, $36 million was moved to an unidentified destination, while another $17.5 million was channeled via the CoW protocol in the next step.
To add more complexity to the theft, the hacker swapped the taken Dai tokens for Ethereum (ETH) and Bitcoin using Uniswap V3, a popular decentralized trading platform. This action underscores the extensive measures cybercriminals employ to hide their ill-gotten gains, making it tougher for law enforcement agencies to trace and recover the stolen digital assets.
The Inferno Drainer Exploit
CertiK’s analysis identified the phishing technique used in this attack as part of the broader “Inferno Drainer” category. This type of smart contract exploit manipulates transaction permissions, allowing attackers to redirect assets to addresses they control. Inferno Drainer tactics often involve embedding malicious code within contracts that appear legitimate, deceiving users into unknowingly granting access to their digital assets.
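A pre-signing check for the kind of transaction described above, one that hands control of a contract or a token allowance to another address. This is an added example, not code from CertiK, Lookonchain or the original article. It assumes the proxy exposes the DSAuth `setOwner(address)` function that DSProxy inherits; `review_calldata` is a hypothetical helper name, and all addresses and calldata are constructed.

```python
# Function selectors: first 4 bytes of keccak256(signature). Each listed call
# gives control or spending rights to the address in its first argument.
RISKY_SELECTORS = {
    "13af4035": "setOwner(address)",                # DSAuth, inherited by DSProxy
    "f2fde38b": "transferOwnership(address)",       # Ownable-style contracts
    "095ea7b3": "approve(address,uint256)",         # ERC-20 allowance
    "a22cb465": "setApprovalForAll(address,bool)",  # ERC-721/1155 operator
}


def review_calldata(calldata_hex, trusted_addresses):
    """Return (verdict, function, beneficiary) for an unsigned transaction's calldata."""
    data = calldata_hex.lower()
    if data.startswith("0x"):
        data = data[2:]
    try:
        bytes.fromhex(data)
    except ValueError:
        return ("block", "malformed calldata", None)
    function = RISKY_SELECTORS.get(data[:8])
    if function is None:
        return ("not_flagged", None, None)   # outside the scope of this check
    word = data[8:72]                         # first 32-byte ABI argument
    if len(word) != 64 or word[:24] != "0" * 24:
        return ("block", function, None)      # truncated or non-canonical address
    beneficiary = "0x" + word[24:]
    trusted = {a.lower() for a in trusted_addresses}
    # Even a trusted beneficiary needs explicit confirmation; anything else is refused.
    verdict = "confirm" if beneficiary in trusted else "block"
    return (verdict, function, beneficiary)


# Constructed sample values (not taken from the incident).
MY_WALLET = "0x" + "11" * 20
UNKNOWN = "0x" + "ab" * 20
SET_OWNER_TO_UNKNOWN = "0x13af4035" + "00" * 12 + "ab" * 20
SET_OWNER_TO_SELF = "0x13af4035" + "00" * 12 + "11" * 20
PLAIN_TRANSFER = "0xa9059cbb" + "00" * 12 + "ab" * 20 + "00" * 31 + "01"

if __name__ == "__main__":
    for name, tx in [("owner -> unknown", SET_OWNER_TO_UNKNOWN),
                     ("owner -> self", SET_OWNER_TO_SELF),
                     ("token transfer", PLAIN_TRANSFER)]:
        print(name, review_calldata(tx, [MY_WALLET]))
```

The check only inspects the outermost call; a control-granting call wrapped inside another call's arguments is not decoded here.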
Growing Frequency of Cyber Attacks
The latest cyber incident underscores a troubling pattern in the Web3 realm, where such attacks are increasing both in frequency and complexity. The July 2024 CertiK report painted a bleak picture of the existing security situation, with $270.9 million in losses due to various data breaches, cyber intrusions, and fraudulent activities. Shockingly, only $7.8 million was recouped, underscoring the hurdles we face in defending against these threats. The WazirX hack, leading to a loss of $230 million, is a stark illustration of the sector’s susceptibility.
Additionally, CertiK found that around $500 million was stolen via phishing attacks during the first half of 2024, including one that targeted the decentralized exchange and staking platform MonoSwap. As a result, MonoSwap advised its users to stop staking and to make no further deposits on the platform.
2024-08-22 19:14