Crypto Whale Loses $55.4 Million in Dai Stablecoins to Phishing Attack

crypto scam Scam Whale
The attack appears to have been executed using a phishing tool known as Inferno Drainer.
Author
Author
Ruholamin Haqshanas
About Author

Ruholamin Haqshanas is a contributing crypto writer for CryptoNews. He is a crypto and finance journalist with over four years of experience. Ruholamin has been featured in several high-profile crypto...

Last updated: 
Why Trust Cryptonews
Cryptonews has covered the cryptocurrency industry topics since 2017, aiming to provide informative insights to our readers. Our journalists and analysts have extensive experience in market analysis and blockchain technologies. We strive to maintain high editorial standards, focusing on factual accuracy and balanced reporting across all areas - from cryptocurrencies and blockchain projects to industry events, products, and technological developments. Our ongoing presence in the industry reflects our commitment to delivering relevant information in the evolving world of digital assets. Read more about Cryptonews

A crypto whale has lost approximately $55.4 million worth of Dai stablecoins in a sophisticated phishing attack.

The incident was first reported by on-chain investigator ZachXBT and later confirmed by security firm CertiK.

The attack appears to have been executed using a phishing tool known as Inferno Drainer, which entices victims into providing sensitive information through fake websites or emails that mimic legitimate cryptocurrency exchanges or decentralized finance (DeFi) protocols.

Once the attacker obtained access to the whale’s externally owned account (EOA), they were able to exploit a vulnerability that allowed them to take control of a Maker Vault.

Attacker Gets Control of Crypto Whale’s EOA

Maker Vaults are collateralized debt positions where users can borrow Dai stablecoins by depositing collateral.

The attacker, having gained control of the whale’s EOA, transferred the ownership of the victim’s DSProxy—a smart contract that enables multiple contract calls in a single transaction—to a new address they controlled.

This allowed the attacker to change the vault’s owner address to their own and mint 55,473,618 Dai stablecoins directly into their wallet.

Security firm Blocksec provided additional details, confirming that the attacker tricked the victim into signing a transaction that changed the vault’s ownership.

On-chain data indicated that the Maker Vault’s DSProxy ownership was transferred to an address labeled as Fake_Phishing187019 on Etherscan during the phishing process.

The address later transferred ownership to another address, 0x5D4b2, which is now involved in withdrawing the stolen funds and possibly laundering them.

Blocksec analyst Jingyi Guo suggested that the victim likely signed a phishing transaction, as their attempts to invoke the DSProxy failed after ownership was transferred.

Illicit Crypto Transactions Drop in 2024

A recent Chainalysis report revealed a decline in overall illicit cryptocurrency transactions in 2024, even as specific types of criminal activities within the sector surged.

Released on August 15 as part of the mid-year crypto crime update, the report found that hacking and ransomware attacks were becoming increasingly prevalent.

Two categories, in particular – stolen funds through hacking and ransomware attacks – have seen an uptick.

By the end of July, the cumulative value of stolen cryptocurrencies had reached $1.58 billion – an 84% increase compared to the same period in 2023.

While the number of hacking incidents only increased slightly (2.8% year-over-year), the average value stolen per hack surged dramatically.

In July alone, hackers stole approximately $266 million through 16 separate breaches, dealing the crypto sector substantial losses.

The July 18 attack on Indian crypto exchange WazirX stands out. This attack alone accounted for over $230 million, or 86.4%, of the month’s total losses.

Other significant victims of July’s crypto hacks included algorithmic protocol Compound Finance ($24 million lost), bridging protocol Li.Fi ($10 million), decentralized AI protocol Bittensor ($8 million), and liquidity provider Rho Markets ($8 million).

June, in contrast, saw a lower loss of $176 million spread across approximately 20 incidents. This difference highlights the sharp increase in the value of stolen assets in just one month.

Logo

Why Trust Cryptonews

In the Article
Bitcoin
BTC
$104,321
0.46 %
Ethereum
ETH
$2,494
0.62 %
2M+
Active Monthly Users Around the World
250+
Guides and Reviews Articles
8
Years on the Market
70
International Team Authors
editors
+ 66 More

Best Crypto ICOs

Discover trending tokens still in presale — early-stage picks with potential

Explore Our Tools

Smart tools made for everyday crypto users

Market Overview

  • 7d
  • 1m
  • 1y
Market Cap
$3,352,053,014,637
-5.43
Trending Crypto

More Articles

Crypto News in numbers
editors
Authors List + 66 More
2M+
Active Monthly Users Around the World
250+
Guides and Reviews Articles
8
Years on the Market
70
International Team Authors