Phishing Frenzy: Hackers Steal $35 Million in Massive Crypto Attack
The prevalence of fraud in the cryptocurrency sector continues to rise, despite ongoing efforts to enhance security measures and authentication methods. In the third quarter of 2024, fraudsters siphoned off $127 million, with $46 million stolen in September alone. A recent incident has emerged as one of the largest attacks in the crypto world — a phishing attack that resulted in the theft of $35 million.
This case highlights the growing prominence of phishing schemes, which are now eclipsing previously dominant attack types, such as “pig butchering” scams, which the Commodity Futures Trading Commission (CFTC) has been actively combating. Phishing attacks have now taken center stage.
The latest attack occurred through a malicious signature link, resulting in the victim losing 15,079 fwDETH — tokens worth approximately $35 million. The incident unfolded after the wallet owner authorized a phishing link, leading to the immediate loss of funds. According to analytical platforms, the perpetrator has already sold the stolen tokens, causing severe liquidity issues and a decline in the value of fwDETH.
The attacker’s address has been identified as 0x0605edee6a8b8b553cae09abe83b2ebeb75516ec, while the victim’s wallet, 0xeab23cfe3776adf45e2e3dc56bcf739f6e0a393, likely belongs to the venture firm Continue Fund, which invests in crypto projects. The hackers presumably utilized temporary token addresses generated via the CREATE2 function, making such attacks more difficult to detect.
This incident is not isolated. Previously, another user lost $32 million in a similar phishing attack involving a fraudulent signature, losing 12,083 spWETH. In total, according to Scam Sniffer, such phishing attacks have impacted more than 10,800 individuals.
Phishing scams involving malicious links remain among the most challenging to detect. Criminals deceive users into connecting their cryptocurrency wallets to fraudulent services, after which the attackers can withdraw all funds without further authentication.
According to CertiK, in the third quarter of 2024, the cryptocurrency market lost $753 million due to various attacks, of which $127 million resulted from phishing scams.
