BitcoinWorld

Crypto News Investing News

Crypto Phishing Attacks Soar: $314 Million Lost to EVM Hacks in 2024

Crypto Phishing Attacks Soar: $314 Million Lost to EVM Hacks in 2024
  • Crypto Phishing attacks are getting worse, The stolen amount in the first half of 2024 is already higher than all of 2023.
  • Attackers are tricking users into approving fake transactions that steal their crypto.
  • Be aware of suspicious links, don’t share private keys, and use security tools to avoid becoming a victim.

The mid-year report of ScamSniffer reveals some worrisome tendencies of phishing attacks in the context of cryptocurrencies. 

In particular, 260,000 victims suffered $ 314 million losses in the first half of 2024 on EVM chains, which exceeds the amount of $ 295 million stolen in the previous year. 

These numbers have risen sharply, proving that the complexity and frequency of the phishing plans directed toward crypto clients are on the rise.

Here’s All You Need To Know:

A Record-Breaking Heist

In a striking development, 20 individuals fell victim to phishing attacks exceeding $1 million each, totaling a jaw-dropping $58 million. 

Notably, one victim experienced a loss of $11 million, marking this as the second-largest crypto heist in history.

Deceptive Techniques on the Rise

The ScamSniffer report sheds light on the prevalent phishing tactics used in these thefts, including the use of Permit, IncreaseAllowance, and Uniswap Permit2 signatures. 

Attackers frequently exploit seemingly legitimate services to redirect funds, resulting in significant asset losses.

In some cases, victims were lured to phishing sites through deceptive comments on Twitter, often from accounts impersonating reputable brands. 

Phishing groups now utilize bot accounts to post initial comments on tweets from official and high-profile projects, employing social engineering tactics to trick users into interacting with fraudulent forms on fake websites.

Breaking Down the Phishing Attacks

Assets Targeted:

Staked Assets: Significant losses were reported concerning staked assets, which become irretrievable once compromised due to Permit support. 

Other targeted assets included staking, restaking, Aave collateral, and Pendle tokens. These attacks suggest that attackers are focusing on high-value and highly liquid assets within the crypto sphere.

Common Attack Vectors:

Credential Stuffing and Fake Wallets: Credential stuffing and fake wallets were commonly employed tactics. Phishing attempts often occurred via comments under tweets from key accounts, with bots mimicking authoritative profiles.

Effective Prevention Strategies

To safeguard your crypto assets and avoid becoming a victim, consider these crucial prevention tips:

  1. Enhance visibility:

Improving the visibility of phishing signatures can help combat these attacks. Better display and recognition can significantly reduce the likelihood of falling victim to phishing schemes.

  1. User education:

Training users to avoid granting sign permissions and interacting with malicious links is essential. Awareness campaigns and informative tools can empower users to make informed decisions and navigate the crypto landscape with greater safety.

  1. Secure storage:

Avoid storing private keys on cloud services or sharing them through instant messaging platforms like WeChat. Implementing robust safeguarding measures is crucial to preventing unauthorized access to your keys.

  1. Verification tools:

Use security detection tools to verify the legitimacy of tokens and prevent fraud. These tools complement tokenization benefits by helping users validate tokens and avoid scams.

Disclaimer: The information provided is not trading advice, Bitcoinworld.co.in holds no liability for any investments made based on the information provided on this page. We strongly recommend independent research and/or consultation with a qualified professional before making any investment decisions.