Mar 21, 2024 at 05:50An account associated with a phishing incident from September 2023 has shifted $10 million worth of Ether to the privacy-focused crypto mixing platform, Tornado Cash.
Blockchain security firm CertiK raised concerns on March 21 after detecting the movement of 3,700 ETH from an account linked to the $24 million hack. This hack targeted a crypto whale during a phishing incident on Sept. 6, 2023.
During the phishing attack, the investor lost $24 million in staked ETH on Rocket Pool. The attacker executed two transactions, one withdrawing 9,579 stETH and another draining 4,851 rETH from the victim.
The brand new newsletter with insights, market analysis and daily opportunities.
Let’s grow together!
According to Scam Sniffer, the victim unwittingly signed an “Increase Allowance” transaction, granting approval for token transfers to the hacker. This feature, common in smart contracts, allows third parties to manipulate ERC-20 tokens with user authorization.
Concerns over token allowances have been prevalent in the crypto community, with warnings about the potential for malicious smart contracts used in scams.
PeckShield, another blockchain security firm, reported that the attacker exchanged the stolen assets for 13,785 ETH and 1.64 million Dai. Some of the Dai was moved to the FixedFload exchange, while the bulk of the funds were distributed across various wallets.
Phishing attacks remain a significant challenge in the crypto space. In February alone, nearly $47 million was lost to such scams, as per Scam Sniffer’s crypto phishing report. Ethereum network bore the brunt of these thefts, with ERC-20 tokens accounting for 86% of the assets stolen.
Token approval vulnerabilities have also led to substantial losses for crypto users. On March 20, an outdated contract previously used by Dolomite exchange facilitated the siphoning of $1.8 million from users who had authorized transactions for the contract. In response, Dolomite’s development team urged users to revoke approvals linked to the outdated contract address.
While some breaches result in significant losses, swift action sometimes mitigates further damage. On March 20, Layerswap prevented further exploitation of its website following intervention from its domain provider. However, hackers still managed to abscond with $100,000 worth of assets from 50 users. Layerswap pledged to reimburse affected users and offer additional compensation for any inconvenience caused.
9
