A trader lost over $1.28 million worth of cryptocurrencies after signing a malicious permit transaction.
According to blockchain security firm PeckShieldAlert, on Oct. 14, a cryptocurrency investor lost 108 billion PEPE, 73.8 million APU, and 165,000 MSTR tokens after getting tricked into signing a phishing permit signature transaction.
Details of the Attack
The address “0xb0b8…40c7” has been drained of approximately $1.28 million worth of cryptos, including 108B PEPE, 73.8M APU, and 165K MSTR, after signing a phishing permit signature.
This is called an approval phishing attack which transfers control of a victimβs wallet to the attacker, allowing scammers to drain the stored assets.
In this case, the victimβs wallet, identified by β0xb0b..40c7,β lost roughly $1.2 million worth of cryptocurrencies across six transactions within a few minutes, with the stolen assets distributed across multiple addresses controlled by the attackers.
Previous Incidents
One of the addresses, labeled as βFake_Phishing442846,β was involved in a separate attack two weeks ago, with the affected wallet losing over $32 million worth of spWETH tokens after signing a similar malicious transaction.
At the time, blockchain intelligence firm Arkham reported that the attack was executed using Inferno Drainer, a multi-chain cryptocurrency scam service provider. It is likely that the bad actors behind the recent attack also employed this scam toolkit.
Understanding Inferno Drainer
Inferno Drainer is a subscription-based phishing-as-a-service tool that allows criminals to create malicious websites and applications to trick users into signing over control of their wallets. The developers charge scammers 30% for making phishing websites and another 20% for each successful attack.
To date, Inferno Drainer has targeted several crypto-related projects, managing to steal $237,775,036 from over 200,000 victims. On Nov. 26, 2023, the developers announced plans to sunset the service indefinitely. However, the toolkit resurfaced in May 2024, driven by renewed demand from its βcustomers.β
Rising Threat of Phishing Attacks
Phishing attacks have become a growing threat in the cryptocurrency space, with one of the leading reasons behind victimsβ losses being approval phishing attacks. According to an August report by Chainalysis, these attacks have siphoned off over $2.7 billion since 2021.
Last week, a wallet reportedly linked to a venture capital fund lost over $35 million worth of fwDETH tokens after signing a dubious permit signature.
In its Q3 report, blockchain security firm CertiK labeled phishing as the most damaging attack vector for the quarter, with losses amounting to $343.1 million across 65 incidents.
For more updates on cryptocurrency security and news, stay tuned to Global Crypto News.
#AI #BlockchainNews #BlockchainCommunity