In a devastating incident that has rattled the cryptocurrency community, a prominent crypto investor lost a staggering $24.23 million in a phishing scam on September 6. Identified by the Ethereum address “0x13e382,” the investor is considered a “crypto whale,” holding significant assets capable of influencing market trends. The loss included 4,851 rETH valued at approximately $8.58 million and 9,579 stETH worth around $15.63 million.
Data from the Ethereum blockchain reveals that the investor fell victim to unauthorized “increase Allowance” transactions. Web3 security firm Scam Sniffer disclosed that the whale had inadvertently granted token permissions to the fraudsters. This action enabled the scammers to siphon off the investor’s assets to two separate addresses, “0x693b72” and “0x4c10a4.”
Interestingly, the latter address, “0x4c10a4,” has been linked to many crypto phishing domains. The stolen funds were partly moved to the Fixed Float exchange, while the remainder was distributed across three other locations. The scammers successfully executed their scheme despite the victim’s extensive experience in the blockchain sector, including providing over $1.6 million in WBTC/USDT liquidity on Uniswap V3.
The victim has also collaborated with other blockchain protocols, such as Aave, 1inch, Curve, OMG, and EOS. Although the individual’s identity remains undisclosed, records indicate that the oldest known transaction linked to this address occurred on Bitfinex in June 2017.
This incident comes amid growing concerns about the rise of crypto phishing scams, particularly on social media platforms. Since the introduction of Twitter’s new Blue membership in November, there has been a noticeable uptick in phishing schemes. These scams are often propagated by verified paid bots using the platform previously known as Twitter.
Earlier this month, ZackXBT, a renowned on-chain investigator, also expressed concerns about increasing phishing scams on social media. These scams frequently masquerade as verified businesses, further complicating the issue for unsuspecting users.