A DeFi whale recently lost $55.47 million in DAI stablecoins to a phishing scam, according to an on-chain analysis by Lookonchain.
The whale’s funds were stored in Maker, an Ethereum-based decentralized finance protocol. The attack occurred after the whale unknowingly signed a fraudulent transaction that transferred ownership of their assets to a phishing address.
Transaction Results in Ownership Transfer
Lookonchain reported that the phishing attack unfolded after the whale, holding a significant amount of DAI in Maker, signed an unknown transaction. This act inadvertently set the owner of the whale’s funds to the scammer’s address, identified as “0x0000db5c…41e70000.”
Once the ownership had been changed, the attacker gained full control of the whale’s 55.47 million DAI, rendering the original holder powerless.
When the whale attempted to withdraw the funds, the transaction failed due to the shift in ownership. Meanwhile, the attacker swiftly moved the stolen DAI tokens to a newly created wallet and began converting the tokens into Ethereum.
So far, the scammer has swapped 27.5 million DAI for around 10,625 ETH, funneling the majority of the stolen assets through a decentralized trading protocol.
Previous Incidents Reflect Growing Risks
The attack on this whale is not an isolated incident. In June, a MakerDAO delegate suffered a similar phishing attack, losing $11 million worth of various tokens, including USDe. This breach was detected by Scam Sniffer, a platform aimed at helping users avoid phishing sites and wallet-draining schemes.
The delegate’s wallet, identified as “0xfb…accfa,” was compromised by a scammer at address “0x73…bb96,” who employed multiple phishing signatures to deceive the victim.
🚨💔 5 hours ago, a victim lost $11 million worth of aEthMKR and Pendle USDe tokens due to signing multiple Permit phishing signatures. pic.twitter.com/9jhgQMdkl9
— Scam Sniffer | Web3 Anti-Scam (@realScamSniffer) June 23, 2024
Scam Warnings on the Rise
The rise of such scams has prompted various security warnings within the crypto community. On June 8, Shibarmy Scam Alerts issued a warning about a surge in fraudulent websites posing as crypto wallet connection tools. These sites, designed to steal funds, mislead users by claiming to offer network syncing, reward refreshing, or liquidity pool fixes.
Disclaimer: This content is informational and should not be considered financial advice. The views expressed in this article may include the author's personal opinions and do not reflect The Crypto Basic’s opinion. Readers are encouraged to do thorough research before making any investment decisions. The Crypto Basic is not responsible for any financial losses.
