Whale Duped for $55M DAI in Phishing Attack, ZachXBT Confirms

3 months ago 22
ARTICLE AD

This incident represents a broader trend of rising numbers of attacks in the DeFi ecosystem.

A prominent crypto whale has recently lost around $55.4 million worth of Dai stablecoin in a sophisticated phishing attack on August 20. The incident was first brought to light by on-chain analyst ZachXBT.

According to cybersecurity firm CertiK, the security breach involved the use of Inferno Drainer — a notorious phishing tool that has been employed in several recent attacks. Inferno Drainer operates by luring unsuspecting victims into providing their sensitive information through fake websites or emails that mimic legitimate crypto exchange platforms or decentralized finance (DeFi) protocols.

The attacker exploited a vulnerability to gain access to the victim’s externally owned account (EOA), which was tied to a Maker Vault. Notably, Maker Vaults are collateralized debt positions that enable users to borrow Dai stablecoins by depositing collateral, such as Ethereum (ETH), into the vault. This system allows users to maintain liquidity without needing to sell their assets.

Once the malicious actor had control of the EOA, they swiftly transferred ownership of the user’s DSProxy — a smart contract that enables multiple transactions to be executed in a single call — to an address under their control. With this newfound access, the attacker reset the protocol’s owner address to their wallet and proceeded to mint 55,473,618 Dai stablecoins into it.

The attacker’s next move was to swap the stolen funds. Soon after the phishing attack, they converted around 27.4 million Dai into 10,820 Ethereum tokens, according to a post by PeckShieldAlert on X.

Rising Security Breaches

This incident represents a broader trend of rising numbers of attacks in the DeFi ecosystem. According to a report by security services platform Immunefi, the crypto industry had already recorded losses of $1.19 billion from 149 hacks and scams by the end of July. For instance, Solana-based Sanctum Protocol recently reported a major security breach that poses threats to phishing scams.

Phishing, a type of online fraud, involves attackers impersonating trusted entities to deceive victims into revealing sensitive information. Common warning signs include unsolicited contact, promises of guaranteed returns, and pressure to act quickly. The phishing attackers have recently targeted the users of the Telegram-based game Hamster Kombat.

It is important to note that X has become a playground for such attackers, with users of the social media platform pointing out that there exist websites that pose as fake X support and aim to dupe investors into losing their money. Former journalist Charles Smith said in a post a few days ago that one such fake X support website surfaced, which was registered through Cloudfare. Smith pointed out that Cloudfare is not interested in taking the website down and, as a result, called X owner Elon Musk for help.

Cybersecurity News, News, Technology News

Read Entire Article