Scam Sniffer’s comprehensive November report reveals concerning patterns in cryptocurrency theft, where a single victim lost $661,000 in stETH within minutes through a malicious signature attack.
The month’s major losses demonstrated the scammers’ sophisticated approach, with incidents including a $409,000 WBTC theft on Arbitrum, a $344,000 FET exploitation through Uniswap Permit2, and a $220,000 USDT direct transfer attack.
November total losses account for $9.38 million
The total losses for November reached $9.38 million. This marks a substantial 53% decrease from October’s $20.2 million and an even greater decline from September’s $45.8 million. However, the persistently high victim count of 9,208 indicates that attackers continue to successfully target cryptocurrency users.
🧵 [1/7] 🚨 ScamSniffer November Phishing Report
$9,380,000 STOLEN9,208 VICTIMS
November saw one victim lose $661K in stETH within minutes – and that's just the tip of the iceberg.
Let's dive into the dark side of Web3… 🧵 pic.twitter.com/HDyBGh5tPj
— Scam Sniffer | Web3 Anti-Scam (@realScamSniffer) December 3, 2024
Scam Sniffer stated that a major development in the cybersecurity sector was the transition from Inferno Drainer to Angel Drainer. As Scam Sniffer notes, this evolution demonstrates the “hydra-like” nature of crypto threats. This is when one attack vector is neutralized, and new ones quickly emerge to take its place.
Immunefi reports $71 million lost in November
The findings align with broader industry data from Immunefi, which reported total losses of $71 million to hacks and rug pulls in November 2024. This represents a 79% decrease from the same period last year.
The DeFi sector proved particularly vulnerable, accounting for all reported losses. Some of the major incidents are the Thala Labs’ $25.5 million hack and the DEXX platform’s $21 million loss.
The year-to-date losses for 2024 stand at $1.48 billion, showing a 15% improvement compared to 2023. This trend suggests that while large-scale attacks are becoming less successful, individual users remain vulnerable to sophisticated phishing attempts and signature-based exploits.
Scam Sniffer emphasizes critical security practices, providing a clear defense guide for users: “NEVER rush to sign transactions. Verify ALL signature requests,” the platform warns, emphasizing that “One wrong signature = Empty wallet. Think twice, sign once.”
While the decrease in monthly losses suggests improving security measures and growing awareness, the high victim count indicates persistent vulnerabilities in user security practices. The contrast between falling total losses and steady victim numbers suggests attackers may be shifting toward higher-frequency, lower-value targets.
The centralized finance (CeFi) sector showed improved resilience with no major reported incidents in November. However, DeFi platforms continued to face challenges.
From Zero to Web3 Pro: Your 90-Day Career Launch Plan
