After interacting with a malicious link set up by phishing scammers, a crypto whale lost millions in liquid staking derivatives Rocket Pool Ethereum (rETH) and Lido staked Ethereum (stETH).
Scammers drained millions in Ethereum (ETH) derivatives from a wallet holder in what blockchain analytics provider Peckshield called a phishing attack. Total losses from the attack are estimated at $24 million in crypto.
The crypto whale, a term designated to on-chain addresses with substantial crypto balances, lost 4,851 in Rocket Pool ETH (rETH) worth $8.5 million and 9,579 Lido staked ETH (stETH) valued around $15.6 million
Both assets are liquid staking derivatives (LSDs) of Ethereum’s proprietary token Ether (ETH).
On-chain data showed that the theft happened over two transactions. The whale seemingly authorized access to these two LSDs after clicking on a malicious link provided by a phishing scammer.
After gaining access to the whale’s wallet, the attacker sent rETH and stETH tokens to an address labeled “Fake_Phishing186943” on block explorer Etherscan.
Peckshield added that the stolen assets were swapped for 13,785 ETH and 1.6 million in Maker’s DAI stablecoin. The scammer also sent a portion of DAI, an algorithmic stablecoin; to a non-custodial exchange, FixedFloat, crypto exchange OKX, and a mixing service.
Crypto phishing attacks work by luring decentralized finance (defi) users with fake links masked as legitimate URLs.
Scammers are then able to authorize transactions and withdrawals from the victim’s wallets before siphoning stolen assets through mixers and anonymization tools.
The $24 million in ETH derivatives lost to bad actors is one of several similar incidents in 2023.
In March, another victim lost $3.8 million in Rocket Pool (RPL) to a phishing scam.
Phishing hackers have also targeted non-fungible token (NFT) holders, MetaMask users, X accounts (former Twitter), and even blockchains.
On Aug. 22, layer 1 network Terra halted its website to mitigate phishing attacks.