By: Isha Das
The first half of 2024 has witnessed an unprecedented surge in crypto phishing attacks, resulting in total losses amounting to $341 million. This figure surpasses the $295 million lost in the entirety of 2023. According to blockchain security firm Scam Sniffer, these staggering incidents have been significantly driven by fake accounts on X (formerly known as Twitter).
SlowMist founder Yu Xian highlighted that the profit margins for these malicious attacks are quite substantial. He noted,
“There are 20 large accounts that have been phished for more than one million US dollars. Most of them are caused by the offline authorization signature of permit being phished away.”
Detailed reports reveal that 260,000 victims lost $314 million within the first six months of 2024 across all Ethereum Virtual Machine (EVM)-compatible chains. Importantly, the top 20 victims collectively lost $58 million, with the majority having suffered due to several fraudulent signature permits.
One user, in particular, lost $11 million, marking the second-largest individual theft in crypto history. This substantial loss involved a phishing attack where the user's aEthMKR and Pendle USDe tokens were stolen.
Additionally, Scam Sniffer disclosed that large-scale thefts involved critical assets such as staking and restaking tokens, Aave Collateral, and Pendle tokens. Among these, Pendle-related thefts represented 23.6%, while restaking and Aave Collateral assets accounted for 19.5% and 18% respectively.
The primary mode of attack has been through impersonator accounts on X. Scammers lure victims to phishing websites via misleading comments. According to Scam Sniffer reports,
“From Mist-Track intelligence and victim feedback, most victims were lured to phishing websites through phishing comments from impersonated Twitter accounts.”
While phishing attacks are wreaking havoc, bitcoin exchange hacks have also surged significantly in 2024. Blockchain security firm TRM Labs revealed that $1.38 billion in crypto assets have been stolen to date, which is double that of last year's count at this time. This combination of alarming trends underscores the pressing need for heightened security measures and awareness among crypto users.