A Maker Vault was compromised through a hacked Externally Owned Account (EOA), allowing the perpetrator to gain control and steal a significant amount of Dai stablecoin.
On Tuesday, a cryptocurrency whale fell victim to a phishing attack, resulting in the theft of approximately $55.4 million worth of Dai stablecoin. According to blockchain security firm CertiK, the attacker likely employed a phishing tool known as Inferno Drainer to access the whale’s EOA.
Inferno Drainer Phishing Incident
The breach was first reported by on-chain investigator ZachXBT in a Telegram post, with CertiK later verifying the event. Inferno Drainer is infamous for tricking victims by mimicking legitimate websites or emails from recognized cryptocurrency exchanges or decentralized finance (DeFi) platforms, leading to the exposure of private information.
The attack was aimed at a Maker Vault, which is a collateralized debt position that allows users to borrow Dai stablecoin by providing collateral. CertiK noted that the attacker took advantage of a vulnerability in the compromised EOA to seize control of the whale’s Maker Vault.
The hacker then transferred ownership of the victim’s DSProxy #166,776, a smart contract that enables multiple contract calls in a single transaction, to a new address they controlled. After gaining control, the attacker altered the protocol’s owner address to their own wallet and minted nearly 56 million DAI, effectively draining the vault of its funds.
July Sees Over $270 Million Lost in Crypto Scams
This incident is just one of many recent high-profile hacks in the cryptocurrency sector. Earlier this week, ZachXBT also reported a significant breach involving the theft of 4,064 Bitcoin (BTC), valued at approximately $238 million. The stolen BTC was swiftly transferred across various platforms, including THORChain, KuCoin, ChangeNow, Railgun, and Avalanche Bridge.
While the exact method of the heist is still unclear, experts suspect that phishing, social engineering, and exploiting wallet vulnerabilities might have played a role.
CertiK reported that more than $270 million was lost in various hacks, exploits, and scams across Web3 projects in July alone. This amount represents the second-highest monthly loss recorded in 2024, with attackers only returning $7.8 million of the stolen funds. The report detailed various techniques used by the attackers, including exit scams, which accounted for roughly $3 million in losses, flash loans leading to $265.8 million lost, and other exploits totaling around $9.8 million.
DeFi protocols have increasingly become prime targets for cybercriminals. For example, last month, the DEX aggregation and bridging protocol LI.FI suffered a $10 million loss due to a security breach. Similarly, the WazirX hack, which saw over $230 million laundered through the controversial mixing service Tornado Cash, resulted in significant losses for many retail investors.
