TL;DR
- A crypto investor lost $35 million worth of fwDETH tokens due to a phishing attack on the Blast network.
- The attacker used a fraudulent “permission” signature to empty the investor’s wallet.
- DETH’s value dropped by 90% following the incident, only partially recovering afterwards.
A recent phishing attack has left a major crypto investor with an estimated loss of $35 million worth of fwDETH tokens, a wrapped version of Duo ETH (DETH).
This incident occurred on the Blast network, where the attacker took advantage of a permission signature vulnerability to steal a large amount of tokens from the victim’s wallet.
🚨 5 hours ago, someone lost 15,079 fwDETH($35M) after signing a "permit" phishing signature.💸 pic.twitter.com/YG6KlgWMtv
— Scam Sniffer | Web3 Anti-Scam (@realScamSniffer) October 11, 2024
According to security experts, the victim inadvertently signed a fraudulent “permission” that allowed the attacker to access the funds.
This type of attack has proven to be highly effective, as it tricks users into granting permissions that allow remote control over their assets. Security firm Scam Sniffer was one of the first to detect this attack and alert the community.
Security analysis firm BlockSec confirmed the attacker’s methodology. BlockSec co-founder Yajin (Andy) Zhou explained that the attacker managed to get the victim to sign a permission message offline.
Once the signature was obtained, the attacker used this authorization to drain the fwDETH tokens from the user’s account. This incident highlights the growing threats faced by investors on DeFi platforms, where permission signing has become an attractive target for cybercriminals.
In addition to the financial loss, this attack had a direct impact on the market. The value of DETH, the related token, experienced a significant drop of 90%, going from $2000 to just $100 in a matter of hours.
Although the token’s value managed to partially recover to $1000, this event demonstrated the extreme volatility to which digital assets are exposed in vulnerable situations.
Impact of Blast attack on the market
The drop in DETH value not only affected the attacked investor, but also caused panic among other users of the Duo protocol and the Blast network. Many began to question the security of their own assets and withdraw funds out of caution.
This type of chain reaction is common in the crypto market, where the perception of security can be as important as security itself.
The quick reaction of security firms to alert about the attack helped partially mitigate the damage. However, investor confidence in the DeFi ecosystem took a major hit. Experts are now warning about the need to review and strengthen security measures on platforms that use permission signatures to authorize transactions.
This event highlights the importance of continued education for cryptocurrency users and implementing more robust security technologies. As phishing attacks and other social engineering tactics become more sophisticated, it is essential that investors take additional steps to protect their assets.
This includes the use of contract analysis tools and security monitoring services that can detect suspicious activity before funds are compromised.
The case of the affected crypto investor is a stark reminder that while the opportunities in the crypto market are vast, so are the risks. The crypto community must remain vigilant and take a proactive stance in managing its security to avoid falling into the hands of increasingly inventive attackers.