Investor Falls Victim to $100K Crypto Phishing Scam

A recent phishing scam has stripped an investor of over $101,000 across multiple cryptocurrencies and blockchains. PeckShield, a blockchain security firm, reports that the scam involved various tokens and blockchains, highlighting the sophisticated methods employed by cybercriminals.

In this incident, attackers targeted tokens from the Osaka protocol and others. The compromised address lost 237.8 billion OSAK tokens valued at $66,682 and 287 billion CAW tokens worth $26,490. Additionally, smaller amounts of cryptocurrencies like 213 HIGH tokens and 426 USDT were also stolen from the Ethereum network.

The theft extended to the BNB Chain, where 3,000 USDC were taken. Attackers also drained 0.5 PENDLE and 0.1 WBTC from an Arbitrum address. Despite these losses, the victim’s address still holds $7,000 in various cryptocurrencies.

How the Phishing Attack Occurred

Cybercriminals exploited a vulnerability known as the multi-call function. This allows them to execute several smart contract functions in a single transaction. By deceiving the user into signing what appears to be a legitimate transaction, the attackers could execute malicious functions. These unauthorized actions transferred the victim’s funds directly to the scammer’s addresses.

Currently, the exploiter’s wallet contains approximately $220,000, evidencing the substantial amount extracted from multiple victims. This year, although the number of phishing attacks in the crypto space has decreased, their impact remains significant. For instance, one user lost $674,000 in USDC to a similar scam. Another case involved the theft of $145,000 worth of Bored Ape Yacht Club NFTs. Both incidents employed tactics akin to the multi-call function used in the recent scam.

This consistent use of sophisticated phishing schemes underscores the need for heightened security measures and increased user awareness in the crypto community. Investors are urged to exercise caution and verify the authenticity of transactions thoroughly to avoid falling prey to these increasingly common cyber threats.

Comments are closed.