On Tuesday, a crypto whale lost about $55.4 million worth of Dai stablecoin to a phishing attack.
Phishing Attack on a Crypto Whale
The phishing attack was first noted by on-chain sleuth ZachXBT when a crypto whale lost approximately $55.4 million in Dai stablecoins. A Maker Vault user fell victim to phishing, resulting in the loss of control over their assets.
Use of Inferno Drainer
Security firm CertiK reported that the attacker likely used the phishing tool Inferno Drainer to gain access to the user's externally owned account (EOA). Inferno Drainer lures victims through fake websites or emails representing legitimate exchanges or DeFi protocols and then steals the user's private information.
Continuing Threats to DeFi Protocols
The attacker used the EOA to transfer the ownership of the user's DSProxy (decentralized service proxy) #166,776 to a new address controlled by the attacker. Having gained control of the Maker vault, the attacker set the protocol's owner address to their wallet address and minted 55,473,618 Dai stablecoins into it. DeFi protocols continue to be the center of cryptocurrency hacks, as demonstrated by the LI.FI protocol breach last month, resulting in losses of $10 million.
According to Immunefi's July report, the crypto industry has already seen over $1.19 billion in losses due to hacks and scams this year. This highlights the need for stricter security measures and user vigilance.
Comments