The hacker carried out this act using a multi-call function, which allows multiple smart contracts to be executed in a single transaction.
As the battle against cybercrimes in the crypto industry becomes more intense, a more recent incident calls for an urgent solution to these acts, as another investor has fallen victim to a phishing attack, losing over $101,000 worth of cryptocurrencies across multiple blockchains.
The hacker carried out this act using a multi-call function, which allows multiple smart contracts to be executed in a single transaction. By using this trick, the bad actor scammed the victim into signing transactions that looked legitimate, but in reality, they were not; they were rather malicious codes.
This trick enabled the attacker to transfer funds and interact with the investor’s contract without his consent, causing the investor to lose a lot of funds. The fraudster was able to cart away funds that include 237.8 billion OSAK, tokens worth $66,682 from the defi project Osaka protocol, and CAW tokens, which are valued at $26,490.
Other stolen assets include 213 HIGH, worth $938, and 426 USDT on the Ethereum network. The attacker also successfully stole 3000 USDC on BNB Chain, 0.5 PENDLE, and 0.1 WBTC on Arbitrum. The victim is said to still own $ 7,000 in crypto assets.
In a post released by PeckShield, a blockchain security firm, they stated on their X page that the attacker targeted the investor’s crypto portfolio across multiple blockchains and still holds the fund. The attacker has an account balance of $220,000 across several chains, showing the malicious acts’ success.
#PeckShieldAlert #Phishing An address (0xA71d…4541) fell victim to a phishing attack by #Fake_Phishing187019, resulting in a loss of ~$101K worth of cryptos, including 237.8K $OSAK, 287.1K $CAW, 213 $HIGH, & 426 $USDT on #Ethereum, 3K $kUSDC on #BNBChain, and ~0.5 $PENDLE-LPT &… pic.twitter.com/hGMDLvcuxw
— PeckShieldAlert (@PeckShieldAlert) May 20, 2024
Phishing Incidents Continue to Plague Crypto Realm
These incidents are not the first, as several investors have also been victims of this fraudulent act. Earlier this month, a similar phishing attack occurred, resulting in the loss of $145,000 worth of Bored Ape Yacht (BAYC) NFTs. In April, another trader lost over $180,000 in USDC and Andy tokens after falling prey to the multi-call attack.
Earlier this year, PeckShieldAlert released data stating that 2023 had over 600 major hacks within the crypto sector, which resulted in a loss of $2.6 billion, and only a mere $684 million could be recovered. The security firm further stated that $1.51 billion was lost to hacks, excluding multichain unauthorized withdrawals, while over $1 billion was lost to scamming activities. It revealed that these figures were lower than the previous year’s, as the number of malicious acts decreased by over 27%. Notably, the main targets of these hacks and scams are decentralized finance (defi) protocols; they account for 67% of the incidents.
This consistent hacking and scamming within the cryptocurrency sector calls on traders and investors to stay vigilant, keep themselves informed about the latest security threats, and, more importantly, exercise caution when dealing with unfamiliar links or contracts. They should also implement tight security measures to safeguard their digital assets.
next