DAI whale loses $55 million in a phishing attack
- Whale lost $55M in DAI due to phishing; ownership transferred to fraudster.
- Attacker converted $27.5M DAI to 10,625 ETH and moved funds to CoW.
- Phishing attacks rising sharply; $2.7B stolen since May 2021, with losses increasing.
Follow Invezz on Telegram, Twitter, and Google News for instant updates >
In a dramatic illustration of the ever-present risks in the cryptocurrency world, a whale recently lost a staggering $55.47 million in DAI stablecoin due to a phishing attack unearthed by Lookonchain in a post on X.
Are you looking for signals & alerts from pro-traders? Sign-up to Invezz Signalsâ„¢ for FREE. Takes 2 mins.
The attack has sparked renewed discussions on the importance of security measures and vigilance in the crypto space.
How did the attack unfold?
Copy link to sectionThe phishing attack began when the whale, holding a massive amount of DAI tokens in Maker, a decentralized finance protocol on Ethereum, inadvertently signed a fraudulent transaction.
According to the information on Etherscan, this transaction altered the ownership of the whale’s 55.47 million DAI, transferring control to a phishing address: 0x0000db5c…41e70000.
The whale’s subsequent attempt to withdraw the funds failed due to the unauthorized change in ownership as evident in Etherscan records.
By this point, the attacker had already set the owner of the DAI tokens to a newly created address: 0x5D4b. This new address enabled the attacker to withdraw the funds, as documented in the transaction here and here.
Funds converted to ETH and moved
Copy link to sectionOnce the attacker gained control over the DAI tokens, they quickly moved to convert a significant portion of them. Approximately $27.5 million in DAI was exchanged for around 10,625 ETH, highlighting the efficiency and speed with which the hacker was able to act.
The converted funds were subsequently routed to CoW, a trading protocol, further complicating the tracking and recovery of the stolen assets.
The growing trend of phishing attacks in crypto
Copy link to sectionThis incident not only represents a significant loss but also highlights the growing prevalence of phishing attacks in the cryptocurrency sector.
Earlier this year, similar attacks have resulted in millions lost by other high-profile figures in the crypto world. According to a recent Chainalysis research, $2.7 billion has been stolen through phishing attacks since May 2021.
In June this year, a MakerDAO delegate lost $11 million in a phishing scam. In May, a Bored Ape Yacht Club trader lost $145,000 to a similar scam.
According to ScamSniffer Mid-Year Phishing Report, 260k victims lost $314M across EVM chains in H1 2024, with 20 people loosing over $1M each, totaling $58M. The figures are quite astonishing seeing that a total of $295M was stolen through similar means in the whole of last year. This year surpassed last year’s numbers in just 6 months.
As phishing schemes become increasingly sophisticated, the need for heightened security measures and user education becomes more critical than ever.
The $55 million loss underscores a vital lesson for all cryptocurrency users: the importance of vigilance and the need for robust security practices to safeguard against such high-risk threats.
Want easy-to-follow crypto, forex & stock trading signals? Make trading simple by copying our team of pro-traders. Consistent results. Sign-up today at Invezz Signalsâ„¢.