In what is being described as one of the most significant DeFi heists of recent times, a crypto whale reportedly lost over $32 million in a blatant phishing attack.
Crypto Whale Loses Huge Amount of Ethereum Derivatives to Hackers
Blockchain security service ScamSniffer was the first to alert the community via social media platform X about this massive theft. The victim lost approximately 12,083 wrapped Ethereum (spWETH) tokens, valued at $32.4 million, from the decentralized finance (DeFi) protocol Spark. The loss occurred after the whale signed a malicious transaction, allowing hackers to drain their wallet.
The phishing scam appears to be part of a larger operation run by Inferno Drainer, a notorious “fraud-as-a-service” platform. According to blockchain intelligence firm Arkham, Inferno Drainer targets DeFi users by tricking them into interacting with fake versions of popular apps, persuading them to sign over control of their wallets. Inferno Drainer’s activities have stolen over $215 million in altcoins from more than 200,000 victims, as per Dune Analytics data.
Inferno Drainer’s Role in the Attack
It is alleged that Inferno Drainer’s operators take a 20% commission on all stolen tokens. While the fraud service was initially shut down by its developers in November 2023, it resurfaced in May 2024 with advanced capabilities, new personnel, and expanded support for 28 blockchains and hundreds of DeFi apps.
Although the whale’s identity hasn’t been confirmed, blockchain detective ZachXBT suggested that the compromised wallet might be linked to a whale known as CZSamSun. It’s important to note that this individual is different from the well-known Paradigm researcher @samczsun on X.
In a desperate attempt to recover the stolen altcoins, the whale sent a message from their wallet offering the hacker 20% of the assets in return for their safe return. However, the scammer has yet to respond.
Reminder to Stay Cautious
Since the attack, blockchain analysis firm LookOnChain has posted reminders on X, warning users: “To avoid phishing attacks, please do not click on unknown links and do not sign unknown transactions. Always double-check before signing anything.”
A recent report noted that while online hacking incidents in the crypto world are on the decline, there has been a rise in physical cryptocurrency thefts.
