Crypto VC-Linked Entity Loses $36M to Phishing Attack - Report

An entity reportedly linked to a cryptocurrency venture capital fund has fallen victim to a major cyberattack, losing $36 million worth of tokens in the process. 

The victim, whose identity has not been disclosed, unknowingly signed a malicious permit transaction that allowed hackers to drain a large sum of wrapped Ethereum (fwDETH). 

According to blockchain monitoring service Lookonchain, the attack occurred on October 11, 2024, targeting an on-chain entity believed to be tied to Continue Capital, a well-known crypto venture capital firm.

The stolen funds, totaling 15,079 fwDETH, were then quickly sold off, causing a dramatic drop in the token’s value. fwDETH's price plummeted by 95% in its trading pair with fwWETH, but has since recovered, remaining down by about 43%.

How the Hack Happened

According to reports from PeckShield, the hackers lured the victim into signing a permit message. This permit message, signed offline by the victim, granted the attacker authorization to drain the victim's wallet without needing any further interaction.

This type of phishing attack is particularly dangerous because it mimics legitimate requests for user signatures. Once the permit was signed, the attacker drained the funds from the victim’s account and quickly liquidated them on decentralized exchanges, causing a major drop in the token’s value.

Having received $12.8K in fwDETH, the scammer address exchanged 11,826 $DETH for 1,172.8 $ETH (worth $2.8M). Further, it swapped 2,261 fwDETH for 1,114.4 ETH (worth ~$2.7M), according to PeckShield.

The sharp decline in fwDETH's price also triggered problems for other DeFi protocols. PAC Finance and Orbit Finance, both of which rely on wrapped Ethereum tokens, were reportedly affected by the sudden drop in value. 

Growing Threat of Phishing in Crypto

Phishing attacks like this one are becoming more common and sophisticated. Hackers often disguise their malicious activities as legitimate requests for permissions, preying on the fast-paced nature of cryptocurrency trading, where users are constantly prompted to sign transactions or approve requests.

According to Certik’s 2024 blockchain security report, phishing is now one of the leading causes of financial loss in the crypto space. In the first half of 2024 alone, $498 million was stolen across 150 incidents due to phishing. 

In September 2024,10,800 victims were impacted by phishing attacks, according to Scam Sniffer. The largest attack that month saw $32.43 million worth of spWETH stolen through a phishing permit signature, similar to the attack that drained fwDETH in this latest incident.