GigaChad Token Holder Loses $6M in Phishing Attack

crypto scam phishing attack
A GigaChad token investor lost $6 million in a phishing attack involving a fake Zoom link.
Last updated:
Journalist
Journalist
Hassan Shittu
About Author

Hassan, a Cryptonews.com journalist with 6+ years of experience in Web3 journalism, brings deep knowledge across Crypto, Web3 Gaming, NFTs, and Play-to-Earn sectors. His work has appeared in...

Last updated:
Why Trust Cryptonews
For over a decade, Cryptonews has covered the cryptocurrency industry, aiming to provide informative insights to our readers. Our journalists and analysts have extensive experience in market analysis and blockchain technologies. We strive to maintain high editorial standards, focusing on factual accuracy and balanced reporting across all areas - from cryptocurrencies and blockchain projects to industry events, products, and technological developments. Our ongoing presence in the industry reflects our commitment to delivering relevant information in the evolving world of digital assets. Read more about Cryptonews
Ad DisclosureWe believe in full transparency with our readers. Some of our content includes affiliate links, and we may earn a commission through these partnerships.

A GigaChad (GIGA) token investor recently lost $6 million in a sophisticated phishing attack, marking another big loss for a crypto holder through social engineering tactics.

The hack was confirmed on November 12 and targeted the victim, known by the online pseudonym “Still in the Game,” through a fake Zoom link designed to steal wallet credentials.

This attack triggered an immediate sell-off of GIGA tokens and a noticeable market dip.

The hacker used a seemingly legitimate Zoom link to exploit a minor difference in the URL to gain unauthorized access to the investor’s wallet.

On-chain analysis by Scam Sniffer and Onchain Lens indicates that once inside, the hacker managed to extract 95.3 million GIGA tokens and convert these assets into more liquid stablecoins, making tracking and retrieval significantly more difficult.

GigaChad Token Phishing Attack: How Hacker Stole $6M

The phishing incident began when the victim, “Still in the Game,” clicked on what appeared to be a standard Zoom meeting invite link.

However, blockchain security firm Scam Sniffer later discovered that the link, designed to mimic an official Zoom URL, redirected the user to a fake site programmed to install malware.

This allowed the hacker to collect sensitive wallet data and monitor transactions from the victim’s computer.

After gaining access, the hacker swiftly liquidated the stolen GIGA tokens worth approximately $6.09 million.

Onchain Lens detailed how the attacker first converted the GIGA tokens into 11,759 Solana (SOL) tokens, valued at roughly $2.1 million, before further splitting the funds into Tether (USDT) and USD Coin (USDC) stablecoins.

These stablecoins were then dispersed across several wallet addresses, including a deposit of 700 SOL into a KuCoin exchange wallet.

Hackers often use this tactic. They spread the assets across different tokens and wallets, and the hacker effectively obscures the stolen funds and avoids immediate detection.

The fake Zoom link contained a minor alteration in the URL, a tactic known to lure even cautious users.

Scam Sniffer’s tweet on the matter pointed out how subtle differences in URLs can be a potent tool for hackers:

“Compare carefully: us04-zoom[.]us vs. us02web.zoom[.]us.”

This similarity is critical to the attack’s success. To prevent such incidents, users are urged to verify URLs from unknown sources before clicking them.

Growing Security Concerns Amid Ongoing Investigations

Following the attack, “Still in the Game” revealed that he had involved the FBI and a forensic team to track the stolen assets.

Although asset recovery in crypto remains complex due to the nature of blockchain’s pseudonymity.

This is not the first loss this quarter. Over $60M has been lost to phishing attacks in Q4 so far.

The most recent phishing attack before this led to the loss of over $36 million in wrapped Ethereum tokens (fwDETH) from a crypto venture capital fund linked to Continue Capital.

The attack occurred on October 11 and exploited a fraudulent “permit” signature, allowing users to sign transactions without directly interacting with their assets.

Similarly, on September 29, a whale also lost $32.4 million in spWETH tokens; another lost $55.4 million in Dai stablecoins in August.

According to CertiK, over $753 million was lost to fraud in Q3 2024, including $127 million in phishing, making crypto the second most targeted sector for identity fraud in Q2.

More Articles

Altcoin News
ID Fraudsters Launch Automated Mega-Attacks on Crypto Companies, Abandoning Payments Sector
Sead Fadilpašić
Sead Fadilpašić
2024-10-31 09:26:31
Blockchain News
81 Arrests After Bitcoin Mining Scammers Accidentally Target Detective
Tim Alper
Tim Alper
2024-11-07 03:00:00
Crypto News in numbers
editors
Authors List + 66 More
2M+
Active Monthly Users Around the World
250+
Guides and Reviews Articles
8
Years on the Market
70
International Team Authors