Hacker Transfers $10M from 2023 Phishing Attack to Tornado Cash: CertiK

Phishing scams have wreaked havoc in the digital asset ecosystem and are making a comeback amidst market-wide recovery.

These attacks have grown increasingly sophisticated, leading to high-profile crypto investors, whales, and prominent industry figures becoming victims, ultimately resulting in substantial financial losses.

  • In its latest update on March 21st, CertiK identified a deposit of 3,700 ETH into Tornado Cash on the Ethereum blockchain.
  • This transfer by the hacker, valued at over $10 million, raised eyebrows due to its link with a major phishing incident dating back to September 2023. The funds were pilfered from a crypto whale.
  • During this phishing attack, the whale in question lost a staggering $24 million worth of staked ETH on the liquid staking provider Rocket Pool.
  • The hack was executed through only two transactions, with 9,579 stETH stolen in one and 4,851 rETH in another. The value of the stolen assets amounted to $15.5 million in stETH and $8.5 million in rETH at the time of the breach.
  • Scam Sniffer’s investigation subsequently revealed that the whale unknowingly granted token approval to the fraudsters through the authorization of “increaseAllowance” transactions.
  • February saw a slight decrease in losses attributed to hacks, exploits, and scams. Phishing attacks, for instance, accounted for $14.6 million out of the total $160 million lost during the month. Fortunately, $6.4 million was recovered successfully.
  • Scam Sniffer’s February Phishing Report revealed that many victims of phishing attacks were tricked by scams through X (formerly Twitter). Fake comments from fraudulent X accounts led unsuspecting victims to malicious websites, where they were targeted by these schemes.
  • Earlier this year, an anonymous individual lost $4.2 million to a phishing attack that used a falsified ERC-20 permission signature.

Source link

About The Author

Scroll to Top