Phishing Attack on Ether.Fi Leaves Crypto Investor $2 Million in Losses, Amidst $100 Million Industry Scam Surge
Crypto News – A recent phishing exploit has dealt a devastating blow to a cryptocurrency investor, resulting in a loss of 501 ETH valued at approximately $2 million. The assets were staked through the liquid restaking protocol, Ether.Fi.
Analysis of on-chain data has revealed that the theft occurred today, involving two separate transactions. In the initial transaction, 426 ETH were drained, followed by another 75 ETH in a subsequent transfer. At the time of the attack, these stolen assets held a value of approximately $1.6 million and $276,000, respectively.
Consequently, the investor’s wallet experienced a staggering decrease in net worth by over 99.93%, leaving them with a mere $1,453.
Identified by the Web3 security platform, Scam Sniffer, the attack utilized an “IncreaseAllowance” transaction, a known signature associated with phishing schemes enabling unauthorized access to funds without the victim’s consent.
| Victim | Chain | Total Stolen |
|---|---|---|
| 0x1749ad951fb612b42dc105944da86c362a783487 | ethereum | $4,681,503 |
| 0xc9f304efe0acc225408797d58a53dfd6a29cd83c | ethereum | $2,340,980 |
| 0x1f38e548263e7d9376c62f990d8ff15e7fee2f95 | arbitrum | $1,923,958 |
| 0xd9b7f9a448c9b7b183249990866f2891b688b48f | ethereum | $1,814,300 |
| 0x0c008e6479a83be6a6c49d95c2029a6064136688 | ethereum | $1,560,115 |
| 0x2768f72ab0f3f9a37145d1cab4bb473f239e8b6e | ethereum | $1,491,074 |
| 0x70590261b9cbd34ab9d1218d6c496419783c37c4 | bnb | $1,192,210 |
| 0x551b30bc933e26e098bd2e68d436c24ed39b7312 | ethereum | $1,043,315 |
| 0xf8ebfacb4768b4152dd38416c1ea5fd143f5f807 | bnb | $834,502 |
| 0x86d1e2c6eca2773674ef22dd41dae5cd951e9012 | ethereum | $653,511 |
Rising Tide of Phishing Scams: Over $100 Million Lost
This incident unfolds amidst a significant surge in phishing scams targeting the cryptocurrency industry this year.
Data sourced from Scam Sniffer indicates that a staggering $104 million was defrauded from nearly 97,000 crypto users during the initial months of this year due to phishing attacks. January witnessed losses amounting to $57.7 million, followed by $46.8 million in February.
Ethereum users bore the brunt of these attacks, losing $78 million in assets, including ETH and ERC20 tokens.
The primary modus operandi adopted by cybercriminals involves deceiving victims into signing malicious phishing signatures such as “Uniswap Permit2” and “increaseAllowance,” thereby enabling unauthorized access to victims’ funds.
Scam Sniffer elucidated that a majority of the thefts involving ERC20 tokens were facilitated through the signing of phishing signatures such as Permit, IncreaseAllowance, and Uniswap Permit2.
Moreover, it was revealed that most victims were ensnared by deceptive comments on social media platforms, notably X (formerly Twitter). The attackers frequently pose as legitimate cryptocurrency organizations to entice unsuspecting individuals to phishing sites where their digital assets are surreptitiously stolen.
Leave a comment