Last updated on October 14th, 2024 at 10:42 am
An unknown on-chain entity has incurred a massive loss of wrapped Ethereum (ETH) tokens worth $36 million after mistakenly authorising a malicious transaction.
In an X post on Friday, October 11, blockchain analytics platform Lookonchain revealed that an entity, suspected to be linked to the crypto venture capital firm Continue Capital, lost 15,079 fwDETH (wrapped ETH tokens on Blast’s chain) as a result of a “permit” phishing signature. As of the time of writing, Continue Capital has not released any official comments regarding the incident.
An X user, going by the alias @roffett_eth, highlighted that the incident caused a price drop for wrapped Ether, which in turn triggered “attacks on protocols like PAC Finance and Orbit Finance.” However, the full impact of these attacks is still uncertain, and neither project has issued a statement on the situation at the time of writing.
Phishing attacks in the cryptocurrency space are growing more sophisticated, frequently appearing as legitimate requests for user permissions. In this instance, the victim seems to have been deceived by a tactic that exploits trust in digital signatures, highlighting the ongoing vulnerabilities and risks within the crypto ecosystem.
This news comes on the heels of a report from Scam Sniffer showing a decline in crypto funds lost to phishing attacks in September, despite an increase in victims. In an October 4 X thread, Scam Sniffer revealed that nearly $46.7 million was stolen from 10,805 victims, down from $63 million in August. The largest loss came from one individual who signed a malicious permit, losing 12,083 spWETH in an approval phishing scam.
Similarly, Phishing attacks and private key breaches resulted in over $750 million in cryptocurrency theft during Q3 2024, according to CertiK. Despite a drop in security incidents to just over 150, the total loss increased by 9.5% from the previous quarter. Hackers have stolen nearly $2 billion in 2024, with $505.5 million lost in Q1, $687.5 million in Q2, and $343.1 million in Q3, where phishing became the top attack vector. CertiK noted these attacks often involve bad actors posing as legitimate entities to steal sensitive information.
If you want to read more news articles like this, visit DeFi Planet and follow us on Twitter, LinkedIn, Facebook, Instagram, and CoinMarketCap Community.
“Take control of your crypto portfolio with MARKETS PRO, DeFi Planet’s suite of analytics tools.”
