$24 Million Worth of Crypto Wiped out Overnight in Massive Phishing Attack
According to cybersecurity watchdog Scam Sniffer, $24.23 million worth of stETH and rETH tokens were lost in a phishing attack that occurred just eight hours ago.
The victim inadvertently granted token approvals to the scammer by signing "increaseAllowance" transactions.
For those unfamiliar with the terminology, "increaseAllowance" is a type of transaction that grants permission to move a certain amount of cryptocurrency.
Tracking stolen funds
The scammer's addresses have been linked to multiple crypto phishing sites. Crypto phishing is a type of cyber attack where scammers trick individuals into revealing sensitive information, such as private keys or login credentials, by posing as trustworthy entities.
Typically, the attacker will use fake websites, emails or social media accounts that closely resemble legitimate cryptocurrency platforms or services.
Some of the stolen funds were transferred to FixedFloat, a cryptocurrency exchange service, while the majority remained in three separate addresses.
This underscores the ease with which scammers can move large sums of money across the crypto ecosystem, often bypassing existing security protocols. However, it is worth noting that the crypto community has been proactive in tracking the movement of these funds, with platforms like MistTrack providing real-time updates.
Exercising caution
The crypto industry has made significant strides in security and regulation, but incidents like these serve as a sobering reminder of the risks involved. Investors and traders are advised to exercise extreme caution, especially when approving transactions or interacting with unfamiliar platforms.
A report released on June 30 by Web3 security company Beosin reveals that the first half of 2023 saw a staggering $656 million in cryptocurrencies lost to scams, hacks and rug pulls.