ETH
by Soumen Datta
October 11, 2024
Hackers drain 15,079 fwDETH from unsuspecting user through malicious permit transaction
An entity reportedly linked to a cryptocurrency venture capital fund has fallen victim to a major cyberattack,ย losing $36 million worth of tokens in the process.ย
๐จ 5 hours ago, someone lost 15,079 fwDETH($35M) after signing a "permit" phishing signature.๐ธ pic.twitter.com/YG6KlgWMtv
โ Scam Sniffer | Web3 Anti-Scam (@realScamSniffer) October 11, 2024
The victim, whose identity has not been disclosed, unknowingly signed a malicious permit transaction that allowed hackers to drain a large sum of wrapped Ethereum (fwDETH).ย
ย
According to blockchain monitoring serviceย Lookonchain, the attack occurred on October 11, 2024, targeting an on-chain entity believed to be tied to Continue Capital, a well-known crypto venture capital firm.
ย
The stolen funds, totaling 15,079 fwDETH, were then quickly sold off, causing a dramatic drop in the tokenโs value. fwDETH's price plummeted by 95% in its trading pair with fwWETH, but has since recovered, remaining down byย about 43%.
According to reports fromย PeckShield, the hackers lured the victim into signing a permit message. This permit message, signed offline by the victim, granted the attacker authorization to drain the victim's wallet without needing any further interaction.
ย
This type of phishing attack is particularly dangerous because it mimics legitimate requests for user signatures. Once the permit was signed, the attacker drained the funds from the victimโs account and quickly liquidated them on decentralized exchanges, causing a major drop in the tokenโs value.
ย
Having received $12.8K in fwDETH, the scammer address exchanged 11,826 $DETH for 1,172.8 $ETH (worth $2.8M). Further, it swapped 2,261 fwDETH for 1,114.4 ETH (worth ~$2.7M), according to PeckShield.
ย
The sharp decline in fwDETH's price also triggered problems for other DeFi protocols. PAC Finance and Orbit Finance, both of which rely on wrapped Ethereum tokens, were reportedly affected by the sudden drop in value.ย
Phishing attacks like this one are becoming more common and sophisticated. Hackers often disguise their malicious activities as legitimate requests for permissions, preying on the fast-paced nature of cryptocurrency trading, where users are constantly prompted to sign transactions or approve requests.
ย
According toย Certikโs 2024 blockchain security report, phishing is now one of the leading causes of financial loss in the crypto space. In the first half of 2024 alone, $498 million was stolen across 150 incidents due to phishing.ย
ย
In September 2024,10,800 victims were impacted by phishing attacks, according to Scam Sniffer. The largest attack that month sawย $32.43 million worth of spWETH stolen through a phishing permit signature, similar to the attack that drained fwDETH in this latest incident.
Disclaimer
Disclaimer: The views expressed in this article do not necessarily represent the views of BSCNews. The information provided in this article is for educational and informational purposes only and should not be construed as investment advice. BSCNews assumes no responsibility for any investment decisions made based on the information provided in this article
Author
Soumen Datta
Soumen is an experienced writer in cryptocurrencies, DeFi, NFTs, and GameFi. He has been analyzing the space for the last several years and believes there is a lot of potential with blockchain technology, even though we are still at an early stage. In his spare time, Soumen enjoys playing his guitar and singing along. Soumen holds bags in BTC, ETH, BNB, MATIC, and ADA.
Latest News
October 12, 2024
Weekly Article Recap: 10/07-10/11
October 11, 2024
Ripple Co-Founder Chris Larsen Donates $1 Million in XRP to Kamala Harris' Presidential Campaign
October 11, 2024
Crypto VC-Linked Entity Loses $36M to Phishing Attack - Report
October 11, 2024
Uniswap Labs Introduces Ethereum Layer-2, Unichain, to Address Scalability Issues
October 11, 2024
SEC Faces Legal Challenge as Bitnomial Disputes XRP Security Status
October 10, 2024
Potential Sell-Off? $16.7M in Seized PlusToken ETH Is on the Move
October 10, 2024
Thai SEC Proposes Rules Allowing Mutual and Private Funds to Invest in Digital Assets
October 9, 2024
ZachXBT vs. Murad Mahmudov: Doxxing Debate Shakes Crypto Twitter