Key points:
A crypto whale is stolen $55.4 million in DAI #Stablecoins following a phishing attack.
The attack targets an external wallet controlling a Maker vault.
The attacker took control of the trunk via a phishing tool called Inferno Drainer.
Panic in big crypto fish! On August 21, 2024, a crypto whale was siphoned for the equivalent of $55.4 million. The cause? A diabolically well-orchestrated phishing attack. We explain to you.
A little story of a big $55 million hack!
The attack begins with the use of Inferno Drainer, a phishing tool designed to trap users via fake websites and emails imitating trusted platforms. Once the victim is on the made, the attackers access his external wallet, or EOA (externally owned account), which manages a Maker safe. This safe, a type of guaranteed debt position, allows the user to borrow DAI stablecoins by depositing assets as collateral.
Once at the controls of the EOA, the hackers transferred ownership of the victim's DSProxy (a smart contract used to simplify complex transactions) to an address under their control. This manipulation gave them full access to the funds stored in the Maker safe.
After securing the DSProxy, the attacker changed the address of the safe owner, redirecting all 55.4 million DAIs to his own wallet. Certik experts and the famous ZackXBT confirm that the scammer managed to push the victim to sign a transaction unknowingly cedinging control of the trunk to him. The transfer of funds was then hidden by the use of an address named "Fake_Phishing187019" on Etherscan, before being redirected to another address for potential withdrawals or money laundering.
Once dispossessed, the victim tried to regain control of the DSProxy, but the manipulation was already consumed. Suffice to say that this certainly brief story reminds us that too much that our ecosystem is full of beautiful promises, but also full of danger! A misconst click, and it's a whole wallet that evaporates. So, and that will be the big word at the end of this little story: prudence is the mother of security.