In a massive security breach, a crypto whale has reportedly lost $55.47 million worth of DAI via a sophisticated phishing attack. The incident, detailed by blockchain analytics firm Lookonchain and cybersecurity firm Certik, involves the unauthorized transfer of ownership of a Maker vault containing substantial DAI holdings to a malicious entity.

This is how the mega crypto hack happened

The chain of events began with an unsuspecting victim signing a transaction that seemed innocent at first glance, but was in fact a trap that led to the compromise of their assets. The critical transaction, timed on August 20, 2024 at 5:40:47 PM UTC, redirected the ownership of DSProxy #166,776 to a notorious phishing address “0x0000db5c8B030ae20308ac975898E09741e70000.”

After the ownership change, the attacker used a different address, “0x5D4b2a02c59197eb2cae95a6df9fe27af60459d4,” to illegally mint and withdraw 55,473,618 DAI tokens from the compromised vault. The blockchain records according to Etherscan reveal the attacker’s subsequent actions, in which they converted roughly half of the stolen DAI into 10,625 Ethereum (ETH).

CertiK, a leading security-focused ranking platform for analyzing and monitoring blockchain protocols and DeFi projects, identified the phishing technique used as part of a broader category known as Inferno Drainer. Inferno Drainer is a particularly virulent type of smart contract exploit that manipulates transaction permissions to redirect assets to addresses controlled by the attacker.

The exploit is often embedded in malicious smart contracts that appear benign or mimic legitimate contract interactions, tricking the user into performing transactions that give attackers access or control over their digital assets.

Certik emphasized the critical nature of this exploit, stating that the theft was facilitated by the attacker gaining control of the victim’s externally administered account (EOA) through deceptive means, including but not limited to disguised malicious links or compromised interfaces.

Following the incident, Lookonchain has spoken out about how to protect crypto assets. Through X, they warned: “When signing a transaction, always double-check before clicking ‘confirm’ and do not sign unknown transactions!”

This latest incident adds to an already tumultuous year in crypto security. According to CertiK, total losses in July alone amounted to approximately $270.9 million due to various exploits, hacks, and scams, despite approximately $7.8 million being returned to victims. This figure represents the second highest monthly loss for the year 2024.

CertiK reported that exit scams accounted for about $3 million of the total. Flash loans, which are often used in advanced arbitrage strategies but can also be exploited to temporarily manipulate market prices, accounted for a staggering $265.8 million. Other exploits contributed about $9.8 million to the total.

At the time of writing, the total market cap of cryptocurrencies was $2.053 trillion.

Main image created with DALL.E, chart from TradingView.com