Crypto victims lose $90,000 in sophisticated phishing attacks

Crypto users lost $908,551 to wallet drain scams 458 days after signing a malicious authorization transaction, Onchain data shows.

The attack came from an ERC-20 approved transaction that was likely signed on a phishing site or fake airdrop, which gave the fraudster’s wallet “0x67e5ae” continued permission to access the victim’s funds.

Criminal – Linked to the infamous Pink Drainer. TET Wallet Address – Theft was carried out at 4:57am on August 2nd, stole USDC (USDC) stubrecoin worth $908,551.

The security incident prompted the fraud sniffer to remind crypto users to “regularly review and revoke old approvals.” Otherwise, your hard-earned funds could be at risk.

“The security of your wallet is important,” he added.

sauce: Scared sniffer

The con artist’s patience paid off

Until a month ago, the victim’s breached wallets were of little value, seeing minimal trading activity. They gave no incentives to act on the attackers.

That changed on July 2nd when the victim deposited $762,397 from the Metamask Wallet at 8:41pm at the contaminated wallet address “0x6C0EB6.”

Ten minutes later, another $146,154 from USDC was transferred from the Kraken wallet to the same wallet.

Related: Retrospectively discovered $3.5 billion in Bitcoin robbery since 2020 – Arkham Intel

The scammer likely monitored his wallet next month, and saw if more funds would flow before deciding to discharge the funds in one transaction on August 2nd.

This delayed strike is a critical feature of phishing approval attacks. The scammer has been waiting for months.

Tools already exist to prevent these attacks

To prevent such attacks, Ethereum users can use EtherScan’s token approval checker to confirm and revoke unnecessary token approvals, but each cancellation requires a gasoline fee.

Bad actors and con artists stole more than $142 million from the crypto space in July over at least 17 separate attacks.

magazine: Inside a 30,000 phone bot farm, steal crypto air drops from real users