Whale loses over $55m in DAI stablecoin to phishing attack

A whale address lost a significant amount of DAI tokens to a phishing attack after carelessly signing a fake transaction.

On-chain data confirms that the losses amounted to a whopping $55.47 million in Dai (DAI). According to Lookonchain’s X post, the whale’s funds were stored on Maker, a decentralized finance protocol built on Ethereum.

However, after the fraudulent transaction was signed, the ownership of these funds was changed, allowing the attacker to take full control of the DAI tokens in the wallet. When the whale attempted to withdraw the funds, the transaction failed due to the unintended change in ownership. The hacker then quickly moved the stolen DAI tokens to a newly created address.

The attacker has since been converting tokens to Ethereum (ETH) via this address and redirecting them to other wallets. So far, the hacker has swapped 27.5 million DAI for around 10,625 ETH, eventually moving most of the funds to CoW, a trading protocol.

Phishing attacks have become increasingly common in the crypto world. In June, a MakerDAO representative lost $11 million in various tokens, including USDe, to a similar scam. In May, an NFT trader lost more than $145,000 in Bored Ape Yacht Club collectibles, while another investor saw $101,000 in multiple cryptocurrencies go missing due to phishing.

Recent Chainalysis research confirms that confirmation attacks have accounted for a staggering $2.7 billion in stolen assets since May 2021. Previous reports also revealed that victims lost more than $46 million to phishing attacks in February of this year.