Unknown person loses $4,2 million in cryptocurrencies due to phishing

The victim approved suspicious transactions several times

22.01.2024 - 15:25

222

2 min

What’s new? On January 22, an unknown crypto user lost $4,2 million in Aave Ethereum WETH (aEthWETH) and Aave Ethereum UNI (aEthUNI) coins in a phishing attack, auditors at Scam Sniffer reported. According to them, a user signed transactions with ERC20 standard assets several times, which resulted in the loss of funds.

Source: Twitter.com

What else is known? To implement the attack, the attackers used the CREATE2 operational code in the Solidity programming language for smart contracts based on the Ethereum blockchain, which was part of the EIP-1014 upgrade. This code allows developers to determine the address of a smart contract before it is deployed, keeping it unchanged.

In late December, ScamSniffer reported that malware for withdrawing funds from crypto wallets (drainer) was spreading through phishing ads on Google and X. In 9 months, it was used to steal $58,98 million from 63 210 people.

Crypto users lose $3 million on phishing sites promoted by Google Ads in 24 hours

In total, more than 63 000 people have fallen victim to scammers since the beginning of the year

In November, Web3 Antivirus developers detected the spread of a malicious “AML declaration” on behalf of the non-profit organization Ethereum Foundation. Users who signed it are losing all funds from cryptocurrency wallets.

In the third quarter of last year, according to blockchain audit company Beosin, the damage from crypto phishing amounted to $66,15 million.

Author: