Phishing Scheme Costs Crypto Investor $24 Million in Staked Ethereum

A high-profile cryptocurrency investor has lost an eye-watering $24 million in staked Ethereum (ETH) following a phishing attack. The event has triggered significant concerns over the security of liquid staking providers like Rocket Pool.

The security firm PeckShield reported that the investor lost millions in Lido Staked ETH (stETH) and Rocket Pool ETH (rETH) on September 6th.

Did you know?

Want to get smarter & wealthier with crypto?

Subscribe - We publish new crypto explainer videos every week!

What is Web3? (Animated Explanation + Examples)

SUBSCRIBE

ON YOUTUBE

The phishing operation was alarmingly efficient, involving just two transactions that led to the theft of 9,579 stETH and 4,851 rETH. At the current market rates, these amounts were valued at $15.5 million and $8.5 million, respectively.

After acquiring the stolen assets, the perpetrator swapped them for 13,785 ETH and 1.64 million Dai (DAI). PeckShield informed that a significant chunk of the converted DAI had been moved to FixedFloat, an automated cryptocurrency exchange.

MistTrack, a crypto-tracking team from SlowMist, reported that the remaining stolen funds were funneled to three different addresses.

According to Scam Sniffer, the investor fell prey to the phishing attack by signing "Increase Allowance" transactions, granting the fraudster access to spend the staked ETH. These permissions are a feature allowing third parties to spend tokens belonging to someone else through smart contracts.

This loss follows closely on the heels of a recent industry development where several Ethereum liquid staking providers, including Rocket Pool, StakeWise, Stader Labs, and Diva Staking, have initiated or are in the process of creating a self-imposed limit. They have committed to not controlling more than 22% of the Ethereum staking market to foster a more decentralized landscape.

The incident serves as a severe warning about the vulnerabilities in the cryptocurrency staking ecosystem, particularly concerning phishing attacks. It highlights the need for investors to be vigilant when granting permissions or approvals in smart contracts, especially as crypto platforms continue to evolve their security measures.

Gile K., Market Sentiment Analyst

Gile is a Market Sentiment Analyst who understands what public events may form what emotions. Her experience researching Web3 news and public market messages – including cryptocurrency news reports, PRs, and social network streams – is critical to her role in helping lead the Crypto News Editorial Team.
As an intelligent professional in public relations, together with the team, she aims to determine real VS fake news patterns, and bring her findings to anyone searching for unbiased news and events happening in the FinTech markets. Her expertise is uncovering the latest trustworthy & informative Web3 announcements to the masses.
When she's not researching the trustworthiness of mainstream stories, she spends time enjoying her terrace view and taking meticulous care of her outdoor environment.

Full Bio

All Expert Contributors & Analysts