Follow CriptoFacil on

A report by blockchain security firm Scam Sniffer has revealed that cryptocurrency phishing attacks in the first half of this year resulted in losses of over $341 million.

This figure already exceeds the US$295 million diverted from victims throughout 2023. Thus, it highlights a significant increase in the sophistication and frequency of these attacks.

According to Yu Xian, security expert and founder of SlowMist, phishing attacks have proven to be extremely lucrative for scammers.

“There are 20 large accounts that were stolen for more than one million US dollars each. Most of these losses were due to offline authorization signatures of the permissions being stolen,” Xian said.

The report details that approximately 260,000 victims lost a total of $314 million across all Ethereum Virtual Machine (EVM)-compatible chains between January and June 2024. Among these victims, the top 20 suffered losses of more than $1 million each, totaling $58 million.

Phishing scams steal cryptocurrencies

Phishing exploits focused on signature permissions such as Permit, IncreaseAllowance, and Uniswap Permit2. The largest single loss recorded during this period was $11 million, suffered by one user due to a permission signature phishing attack.

This incident represents the second largest single loss ever from phishing attacks, affecting tokens such as aEthMKR and Pendle USDe.

Scam Sniffer highlighted that the majority of the thefts involved staking, restaking, Aave Collateral, and Pendle tokens. In terms of asset category, Pendle-related thefts accounted for 23.6% of the losses. This was followed by thefts of restaking assets at 19.5%, Aave Collateral at 18%, and staking at approximately 8%.

Scammers use fake X accounts that imitate celebrities and influencers to lure victims to phishing sites. On these sites, scammers steal credentials and permission signatures.

“Based on Mist-Track intelligence and victim feedback, most were lured to phishing sites via phishing comments from fake Twitter accounts,” Scam Sniffer explained.

In light of the rise in phishing attacks, security experts are recommending that cryptocurrency users take additional measures to protect their assets. This includes, for example, rigorously checking URLs before providing any sensitive information. Additionally, it is recommended to use hardware wallets for secure storage and revoke signing permissions that are no longer needed.

Follow CriptoFacil on
Google News CriptoFacil


Leave a Reply