Crypto Trader Falls Victim to Phishing Scheme, Loses $55 Million in DAI via Inferno Drainer Exploit
The blockchain-focused security application,
The report detailed that the unfortunate loss occurred as a result of the investor erroneously assigning the control of their collateralized debt position (CDP) within the DeFi Saver Proxy system to a deceitful wallet address.
DeFi Saver Proxy functions as an intermediary contract set up by Maker, the entity responsible for the issuance of DAI stablecoin, to assist users in managing their collateralized debt positions.
The compromised investor, known by the alias ‘0xf2B8,’ fell prey to the scam by initiating a ‘SetOwner’ command which inadvertently transferred control over their DeFi Saver Proxy contract to a phishing entity. Subsequently, their attempt to conduct a transaction was thwarted due to the loss of ownership of the Proxy.
Subsequent to this, the malefactor redirected the ownership again, this time to an alternate account from which they siphoned off the staggering $55.47 million in DAI from the investor’s holdings.
In a separate commentary, SlowMist’s founder Yu Xian, took to highlighting how the perpetrator leveraged a notorious malicious toolkit called Inferno Drainer, which specializes in pilfering funds from digital wallets, to execute the theft, which he shared in an update.
In the meantime, a report by Lookonchain revealed in their observation stating that the infiltrator had successfully converted 27.5 million DAI into 10,625 ETH, as the situation stood at the time of reporting.
Phishing Epidemic in Crypto
The recent breach underscores a persistent peril within the cryptocurrency sphere, specifically the constant threat posed by sophisticated phishing schemes, as detailed in a link to phishing attacks. Through such schemes, scammers mimic credible sources to misappropriate confidential information and infiltrate innocent users’ cryptocurrency wallets.
Insights from Scam Sniffer suggest that one commonly wielded phishing tool are Wallet Drainers, designed to hoodwink individuals into authorizing hazardous transactions through fraudulent websites. A staggering sum upward of $314 million has been pilfered through such phishing schemes in the first half of 2024 alone.
The scale of this thievery was such that it impacted 266,713 individuals, encompassing a variety of phishing tactics, including Permit, Increase Allowance, Increase Approval, and Uniswap Permit2. The most afflicted digital assets were Pendle tokens, trailed by Restaking and Aave Collateral assets.
Featured in This Release
Source link
#Crypto #trader #loses #55M #DAI #phishing #attack #Inferno #Drainer #kit
