Crypto mastermind robbed of $24.23M in one day

In what’s being touted as one of the largest cryptocurrency phishing scams to date, a prominent liquidity provider in the decentralized finance (DeFi) sector has been defrauded of a staggering $24.23 million in stETH and rETH tokens.

The news was confirmed today by Scam Sniffer, a platform specializing in monitoring and reporting online scams.

The attack explained

The victim, who operates under the blockchain address 0x13e382dfe53207e9ce2eeeab330f69da2794179e, is said to have significant onchain experience within the crypto ecosystem.

Despite their proficiency, they fell prey to an insidious scam by granting token approval to the perpetrator through an “increaseAllowance” transaction.

This transaction gave the scammer the authorization to transfer vast amounts of stETH and rETH from the victim’s digital wallet.

After successfully obtaining control of the funds, the attacker promptly converted the stolen stETH and rETH into Ethereum (ETH) and DAI tokens.

They then subdivided these digital assets and transferred them to multiple, seemingly unconnected addresses in an attempt to obscure their tracks.

The swiftness of the action suggests a high level of planning and understanding of the DeFi landscape.

A seasoned player brought down

The gravitas of this incident is further emphasized by the victim’s established presence in the DeFi market.

Their address has been actively involved in providing liquidity, specifically in the WBTC/USDT pool on Uniswap V3, to the tune of more than $1.6 million.

Moreover, the address has utilized a wide range of DeFi protocols, including but not limited to Aave, 1inch, Curve, OMG, and EOS.

According to blockchain analytics, the earliest transaction associated with one of the victim’s connected addresses dates back to June 2017 and was initially deposited from Bitfinex.

This lengthy history within the cryptocurrency community raises questions about how even well-versed users can fall victim to such attacks.

Wider implications

This episode shines a spotlight on the vulnerabilities that exist even for seasoned participants in the world of DeFi and the broader cryptocurrency landscape.

As the adoption of digital assets continues to surge, the sophistication and frequency of phishing scams and other fraudulent activities are also on the rise.

The fact that a user with a rich history and active participation in multiple protocols could fall victim to such a scheme serves as a cautionary tale for all.

While Scam Sniffer and other cybersecurity entities are actively working to trace the origins of the attack, the incident serves as a grim reminder that vigilance is indispensable in the rapidly evolving DeFi ecosystem.

No matter how experienced one may be, the ever-innovating methods employed by scammers require constant education and awareness for all market participants.

As investigations continue, the crypto community waits to see if any of the stolen assets can be recovered, and what steps will be taken to prevent similar large-scale attacks in the future.