A decentralized finance (DeFi) trader lost $27 million in crypto after falling victim to a phishing scam, according to blockchain security firm PeckShield.
PeckShield reported on Tuesday that a user of the DeFi lending platform Venus Protocol saw crypto assets worth $27 million disappear in a phishing attack.
A phishing attack is a type of scam where attackers trick victims into granting malicious permissions or revealing sensitive information by pretending to be a legitimate source. In this incident, the user approved a malicious transaction, allowing the attacker to drain stablecoins and wrapped assets from its balance.
Onchain data suggests that the compromised wallet held about $19.8 million in Venus USDT (vUSDT) and $7.15 million in Venus USDC (vUSDC), which were siphoned after the user signed the malicious approval.
Venus Protocol pauses protocol to investigate
Venus Protocol’s official social media account responded to community concerns in an X thread, confirming there was no flaw in its smart contracts.
When a user asked if this was due to the user’s mistake, Venus said it was likely the case. However, Venus said that as a precautionary measure, it would pause the protocol to conduct security reviews.
“Right now, yes, that appears to be the case. We will keep everyone updated as we investigate,” Venus Protocol wrote. “Protocol is paused while security reviews are underway.”
Related: Criminals are ‘vibe hacking’ with AI at unprecedented levels: Anthropic
Hackers ramp up attacks as September starts
The recent phishing attack adds to a list of criminal efforts to steal crypto at the start of September. On Tuesday, World Liberty Financial’s (WLFI) governance tokenholders were hit by a known phishing wallet exploit, according to SlowMist founder Yu Xian.
On the same day, decentralized exchange (DEX) Bunni paused all its smart contract functions in response to a security exploit in its Ethereum-based smart contracts. Security company BlockSec Phalcon estimated that the protocol lost about $2.3 million in the attack.
The attacks that started at the beginning of September follow millions in losses the previous month. In August, crypto attacks led to over $163 million in losses across 16 attacks. Kronos Research CEO Hank Huang told Cointelegraph that crypto exploits often increase as prices rise.
Magazine: BTS Jungkook’s hacker, Ripple backs Singapore payments firm: Asia Express