Million-Dollar Cryptocurrency Phishing Attack Rocks Crypto Community; New Threats Emerge

A cryptocurrency investor recently suffered significant losses, totaling millions of dollars, in a recent crypto phishing attack, which is one of the largest such attacks in recent times. On September 7, reports of a massive phishing attack emerged, but it was too late for one unfortunate individual.

In this attack, the victim lost approximately $24.23 million worth of staked Ethereum tokens, including 9,579 stETH and 4,851 rETH. Notably, stETH represents the Lido staked Ethereum token, while rETH represents the Rocket Pool staked Ethereum token. The victim unknowingly approved token transfers to the scammer by signing “increaseAllowance” transactions. The attacker’s address had been flagged previously for its association with various crypto phishing websites.

The attacker wasted no time in moving the stolen assets. They converted the rETH and stETH into approximately 13,785 ETH, equivalent to about $22.5 million, along with 1.64 million DAI. A transfer of approximately 451,000 DAI was also made to FixedFloat, an automated cryptocurrency exchange using the Lightning Network.

Phishing attacks involve deceiving individuals into revealing sensitive information or installing malicious software. Some of these malicious links have even been found in Google advertisements, nearly resulting in a victim losing nearly $900,000 in one case.

In a related development, cybersecurity firm Group-IB detected a significant phishing threat actor named “W3LL” on September 6. This threat actor operates an underground market selling tools to bypass Microsoft 365 multifactor authentication (MFA). The custom phishing kit known as the “W3LL Panel” specifically targets corporate Microsoft 365 accounts. It is estimated that over 56,000 accounts were compromised between October 2022 and July 2023, highlighting the emergence of sophisticated “adversary-in-the-middle” phishing attacks designed to evade detection.