Security Breach: Whale Loses $55.4M in Dai Stablecoin
A well-known cryptocurrency whale fell victim to a phishing attack, resulting in a staggering loss of approximately $55.4 million worth of Dai stablecoin. The attacker, using a sophisticated phishing tool known as Inferno Drainer, successfully accessed the whale’s externally owned account (EOA), as reported by blockchain security firm CertiK.
Inferno Drainer Attack Overview
The breach was initially brought to light by on-chain investigator ZachXBT in a Telegram post. CertiK later confirmed the incident, shedding light on the malicious tactics employed by the attacker using Inferno Drainer.
- Inferno Drainers are notorious for mimicking legitimate websites or emails from popular crypto exchanges and DeFi protocols to deceive victims.
- The cybercriminal targeted a Maker Vault, a collateralized debt position enabling users to borrow Dai stablecoin by depositing collateral.
- The bad actor exploited a vulnerability to take control of the whale’s Maker Vault through the compromised EOA.
- By transferring ownership of the victim’s DSProxy #166,776 to their own address, the hacker seized almost 56 million Dai, draining the vault of its funds.
July’s Crypto Losses Exceed $270M
The recent attack adds to a string of high-profile cyber hacks within the crypto industry. Another breach reported by ZachXBT involving the theft of 4,064 Bitcoin, valued at around $238 million, also made headlines this week.
- The stolen BTC was swiftly moved across various platforms, including THORChain, KuCoin, ChangeNow, Railgun, and Avalanche Bridge.
- While the exact method remains unclear, experts suspect a blend of phishing, social engineering, and wallet vulnerabilities played a role.
- July witnessed over $270 million in losses due to hacks, exploits, and scams across Web3 projects. Attackers only returned $7.8 million of the stolen funds.
- The losses stemmed from exit scams, flash loans, and other exploits, underscoring the vulnerability of DeFi protocols to cyberattacks.
Furthermore, the WazirX hack, involving the funneling of over $230 million through the contentious mixing service Tornado Cash, left many retail investors facing significant losses.
Hot Take: Stay Vigilant Against Cyber Threats
As a crypto enthusiast, it’s crucial to remain vigilant against cyber threats in the digital asset space. Stay informed about the latest security practices to protect your investments and assets from malicious actors.
Sources:
1. https://t.me/investigations/150
2. https://x.com/CertiKAlert/status/1826116902432944390
3. https://x.com/CertiKAlert/status/1826129237343945074
4. https://x.com/zachxbt/status/1825499490956231021
5. https://x.com/CertiKAlert/status/1818603157649281382
By
By