In just over 15 hours, three crypto users lost a total of $876,000 worth of assets to on-chain scams. The scams involved techniques such as 'approval phishing' and 'address poisoning.' The largest theft involved a user signing a malicious permit transaction, allowing the scammer to steal $654,000 worth of stETH. These scams are often facilitated by wallet drainers, malware packages that are distributed through hacked accounts and lure victims into approving transactions. Another method is 'front-end' attacks, where genuine crypto platform domains are hijacked to create malicious transactions. Scammers use drainer packages developed by others, with a portion of the stolen funds going to the developers. The victims in the other two scams lost similar amounts of USDT stablecoin through address poisoning, where victims inadvertently copy the scammer's address from a contaminated transaction history. Despite efforts to hide these transactions on blockchain explorers, losses are still common. The article advises users to maintain strict approval hygiene, be cautious of compromised websites, and use wallet address books to flag unexpected addresses. Scam Sniffer reported that around 12,000 victims lost $20.2 million to crypto phishing scams in October.



Other News from Today