A new phishing attack has resulted in the loss of a fortune stored in the USDT stablecoin. The victim was a user of the Kraken exchange, who lost US$4.46 million in an attack. In other words, R$22 million based on the current dollar exchange rate.
According to data from Etherscan, the attack occurred through an address ending in “ACa7”. The owner of this wallet used a phishing attack and pretended to be Kraken, which probably caused the victim to get confused. This way, the hacker had access to the funds and managed to steal them to the address.
Blockchain security agency PeckShield also identified the attack and alerted the community about the rogue address. However, the hacker had already emptied his wallet at the time of publishing this text and transferred the funds to another address.
Another successful phishing attack
PeckShield flagged the address as belonging to the hacker, but there are no details yet on how he carried out the attack. What is known is that he used the phishing strategy, which consists of pretending to be a company to steal funds from users.
In this attack, the hacker can create a fake website or email and pretend to be a legitimate organization. However, when clicking on the fake website, the user goes to a domain controlled by the hacker. There, the person is subject to losing their passwords and their money, which actually happened in this case.
Additionally, Scam Sniffer’s research indicated that the hacker moved the funds to an exchange called Coinone. But this platform is also involved in fraud involving cryptocurrency mining.
According to Dune Analytics, phishing is one of the most common attacks in the cryptocurrency market. In 2023 alone, these attacks resulted in losses of $337 million in USDT in total, affecting nearly 22,000 individuals.
Riscos do phishing
Phishing scams continue to wreak havoc on the market, fooling even high-profile, tech-savvy entities on numerous occasions. The user almost always cannot distinguish between the real website of an exchange or company and its fake version.
When a user makes a self-custodial cryptocurrency wallet, they receive a “private key” protected by cryptography. However, criminals do not always require the user to provide it. Some scams, like the fake mining pool scam, only ask for a click of a button.
This action typically initiates a request for a network fee in Ether, typically ranging from $10 to $50. However, the user giving this authorization allows the attacker access to the wallet. And then, even without private keys, hackers can break in and steal cryptocurrencies.
“Mining scams are actually like phishing attacks that pretend to be “mining” or “liquidity pools.” But instead, they trick you into authorizing unlimited withdrawals from your wallet. They may come with 24-hour “customer support” service, but that is fake,” said the Global Anti-Scam Organization.
Losses from hacker attacks accumulate and sometimes cause irreversible damage. Earlier this week, the NONE protocol, which is a suite of premier trading tools for cryptocurrencies and NFTs, announced the closure of its operations.
One of the reasons was a hacker attack that the protocol suffered, in which a user lost 41.52 ETH, in addition to NONE tokens. The loss exceeded R$500,000.
A large investor also suffered a significant loss of over $24 million in Ether (ETH) on September 6 after accessing a fake staking protocol. Further investigation revealed that the investor unknowingly granted approval to the scammers, authorizing “subsidy increase” transactions.
How to protect yourself
As ways to protect themselves from phishing attacks, users should use strong passwords and implement two-factor authentication to keep their accounts as secure as possible.
They should also not click on any hyperlinks sent by suspicious email accounts and should install a reliable antivirus to identify and remove any malware as quickly as possible.