Market maker loses about $24m in phishing attack

On 7 September, a user was targeted by a phishing attack, resulting in the loss of 9,579 stETH (~$15.6m) and 4,850 rETH (~$8.5m).

It is probably the largest single-wallet hack carried out using private-data-tracking software in history.

The victim granted approval to the attacker by signing an ‘increaseAllowance’ transaction. The attacker has already converted the stolen funds into ETH and DAI and transferred them to several addresses.

The affected address has a long trading history and is a major market maker. The address supplied liquidity on Uniswap v3 for the WBTC/USDT pair worth more than $1.6 million. It has also engaged with protocols such as Aave, 1inch, Curve, OMG, EOS and others.

According to Scam Sniffer analysts, the hacker’s wallet is associated with many phishing sites.

Earlier, journalists warned, that attackers began using URLs of government websites of several countries to deceive users of the non-custodial crypto wallet MetaMask and steal their assets.

In August, unknown attacked the Solana-based decentralized exchange Cypher and withdrew around $1 million in cryptocurrencies.

Subsequently, the yield aggregator Zunami Protocol was hacked, resulting in the loss of digital assets worth $2.1 million.