A recent phishing attack has left an investor reeling, losing a total of $101,000 in various cryptocurrencies spread across different blockchains.
PeckShield, a Blockchain security firm, disclosed that the victim’s address was drained of 237.8 billion OSAK tokens valued at $66,682 from the Osaka protocol defi project, as well as 287 billion CAW tokens worth $26,490. Additionally, 213 HIGH tokens worth $938 and 426 USDT were siphoned off on the Ethereum network. The theft also included 3,000 USDC on the BNB Chain, along with 0.5 PENDLE and 0.1 WBTC on Arbitrum. At present, the address still holds $7,000 in crypto assets.
The attacker’s address, which still contains the stolen assets, currently boasts a balance of around $220,000 spread across various chains. The exploiters took advantage of the victim by utilizing a multi-call function, enabling the execution of multiple smart contract functions in a single transaction.
Hackers deceive users into signing seemingly legitimate transactions that actually include malicious multi-call functions. This code permits the malicious actor to transfer funds or engage with contracts without the user’s legitimate consent, ultimately resulting in asset losses.
While the frequency of phishing attacks in the crypto space has decreased this year, they still pose a significant threat. Recently, an unidentified individual suffered a considerable loss of over $674,000 in USDC due to falling victim to a phishing scam.
This incident mirrors previous phishing attacks, such as one where a victim lost $145,000 worth of Bored Ape Yacht Club (BAYC) NFTs. In a separate case from April 2024, a trader lost over $180,000 in USDC and Andy tokens. The perpetrators employed a similar multi-call strategy, bundling multiple function calls into a single transaction, resulting in funds flowing from the victim’s address to wallets controlled by the hackers.
For more insights, consider exploring the top cryptocurrencies to monitor this week, including SOL, BONK, and FTM.