Theft of stETH and aEthWBTC worth 6.28M in a phishing scheme. Money was quickly transferred over chains, laundered through Drainer Network. Stay alert.
A recent phishing raid resulted in the loss of 6.28 million in stETH and aEthWBTC tokens. Fraudulent signatures were forged by the victims on several fraudulent permits that enabled hackers to gain access.
Source – X
This is a security breach that was initially reported on X by @realScamSniffer a few minutes after the theft. The stolen funds were promptly exchanged and transferred on multiple blockchain networks.
How Hackers Laundered Millions Across Chains
The attacker, with an address of 0x1623…9aC9 and marked as a user of the Drainer Network, exchanged stolen tokens for ETH. In the report of X, a sophisticated laundering scheme was described.
About 753 stETH that were stuck during Lido withdrawals, and 123 ETH were bridged through the Bridgers protocol, only hours following the theft.
The money was transferred to Bitcoin and TRON accounts, one of which is a Bitcoin address beginning with bc1q and another one is TEuR8R.
Moreover, approximately 71 ETH were transferred between the NEAR protocol. Approximately 40 minutes prior, a Drainer fee wallet moved 312.8 ETH to a new address whose information is obscured, which implements continued fund dispersion.
This fast multi-chain transfer represents the high-quality of laundering techniques in order to obscure stolen resources within a short period of time.
Preventing Phishing Heists in Crypto
Users should never accept any unanticipated signature requests, including authorizations to spend tokens.
Always ensure that smart contract interactions are valid on reliable platforms. Use hardware wallets to increase lock-up. Turn on multi-factor authentication for all crypto accounts. Periodically upgrade software to fight weaknesses.
Other ways through which risk exposure can be addressed are monitoring the activity of wallets and putting restrictions on spending. One should be very vigilant with phishing links and fraud.
This breach is a good example of how hackers take advantage of weak approvals to steal large amounts of money.
This information is publicly available in realScamSniffer on X. This highlights the pressing necessity of more security and the adoption of more effective user safeguards within decentralized finance (DeFi) systems.
Leave a Reply
You must be logged in to post a comment.