Fake X accounts lead to record-setting crypto phishing attacks of $341 million Fake X accounts lead to record-setting crypto phishing attacks of $341 million
The top 20 crypto phishing victims of the first half of the year lost $58 million, according to Scam Sniffer.
1 min read
Updated: Jul. 5, 2024 at 3:16 pm UTC
Cover art/illustration via CryptoSlate. Image includes combined content which may include AI-generated content.
Crypto phishing exploits in the first half of this year reached $341 million, surpassing the $295 million scammers siphoned from victims in 2023, according to blockchain security firm Scam Sniffer.
Security expert and SlowMist founderย Yu Xianย said the phishing incidents of the first half of the year showed that the profit margin of these malicious attacks was profitable. He added:
“There are 20 large accounts that have been phished for more than one million US dollars. Most of them are caused by the offline authorization signature of permit being phished away.”
20 people lost over $1 Million each
The report reveals that around 260,000 victims lost $314 million across all Ethereum Virtual Machineย (EVM)-compatible chains between January and June 2024. Among these, the top 20 victims lost over $1 million each, totaling $58 million. Notably, most of these users fell victim to several signature permits.
The report stated:
“Inย the Top 20 victim’s case, most of the thefts of all ERC20 tokens were due to signing phishing signatures such as Permit, IncreaseAllowance, and Uniswap Permit2.”
During the period, the most significant losses were incurred by one user who lost $11 million, making them the second-largest individual theft victim in history. Following a permit signature phishing attack, the user lost $11 million worth of aEthMKR and Pendle USDe tokens.
The report also disclosed that most large thefts involved staking, restaking, Aave Collateral, and Pendle tokens. By asset category, Pendle-related thefts accounted for 23.6%, followed by restaking assets at 19.5%. Aave Collateral and staking thefts stood at 18% and approximately 8%, respectively.
Phishing attack tactics
Scam Sniffer stated that most phishing attacks were caused by impersonator accounts on X, formerly Twitter. The victims were lured to phishing websites via phishing comments on the platform.
It explained:
“From Mist-Track intelligence and victim feedback, most victims were lured to phishing websites through phishing comments from impersonated Twitter accounts.”
Posted In: Hacks
Author 
Oluwapelumi Adejumo
Oluwapelumi values Bitcoin's potential. He imparts insights on a range of topics like DeFi, hacks, mining and culture, underlining transformative power.
Editor Editor 
Liam 'Akiba' Wright
Also known as "Akiba," Liam is a reporter, editor and podcast producer at CryptoSlate. He believes that decentralized technology has the potential to make widespread positive change.
Latest Alpha Market Report
In this article
Ethereum is a decentralized, open-source blockchain platform that enables the creation of smart contracts and decentralized applications (DApps).
