Crypto Whale Loses $32 Million in spWETH After Phishing Scam

In September 2024, a crypto whale lost $32 million worth of spWETH tokens in a sophisticated phishing scam. The wallet was compromised after the whale signed a "permit" phishing transaction, allowing attackers to steal over 12,083 Spark Wrapped Ethereum (spWETH). The wallet is potentially linked to Shixing Mao (aka Discus Fish), co-founder of F2Pool and Cobo. Inferno Drainer, a notorious scam-as-a-service operation, is suspected to be behind the phishing attack. This event has raised concerns in the DeFi space as phishing scams targeting high-profile wallets increase in frequency and sophistication.

A high-profile crypto whale lost $32.43 million in Spark Wrapped Ethereum (spWETH) after signing a fraudulent "permit" transaction as part of a phishing attack. The attackers, potentially linked to the scam-as-a-service platform Inferno Drainer, exploited the whale's DeFi wallet and quickly moved the stolen assets. This incident has raised alarms about the increasing sophistication of phishing scams in the cryptocurrency space. If you want to learn more about investment based crypto scams you can learn more here.

• Defendant: Potentially linked to Inferno Drainer and Shixing Mao (Discus Fish)
• Crime: Phishing scam targeting a high-profile crypto whale's wallet
• Amount Defrauded: $32.43 million (12,083 spWETH)
• Method: The victim was tricked into signing a "permit" phishing transaction on a decentralized finance (DeFi) platform, allowing hackers to drain their wallet.
• Additional Penalties: Investigation ongoing, no sentencing yet.
• Involved Platforms: Decentralized platform hosting Spark Wrapped Ethereum (spWETH), exploited through a fraudulent "permit" signature.
• FBI Investigation: The FBI is tracking losses from phishing schemes, which amounted to over $173 million in Q1 2024 alone.

On September 28, 2024, at approximately 06:15 UTC, the phishing attack was initiated. The attackers used a fraudulent "permit" transaction to access the whale's wallet, draining over 12,083 spWETH valued at $32.43 million. The wallet belonged to a whale, potentially linked to Shixing Mao, though Arkham Intelligence has flagged the identification as low confidence. After the initial transaction, the stolen funds were quickly moved through multiple wallets to avoid detection. The incident is believed to be orchestrated by Inferno Drainer, a phishing-as-a-service group known for stealing over $215 million from victims in similar scams.

In September 2024, a crypto whale lost $32.43 million in Spark Wrapped Ethereum (spWETH) due to a phishing scam. The attackers exploited a fraudulent "permit" transaction, allowing them to drain over 12,083 spWETH from the whale's wallet. The scam is believed to be linked to Inferno Drainer, a known scam-as-a-service platform responsible for multiple fraudulent schemes across decentralized finance (DeFi) platforms. The wallet involved may belong to Shixing Mao, co-founder of F2Pool and Cobo, although this is not fully verified. ScamSniffer, a platform designed to detect phishing attempts, flagged the transaction. The FBI is investigating as part of its broader efforts to combat phishing scams in the crypto space, which have led to $173 million in losses in early 2024 alone. The incident highlights the importance of using secure hardware wallets, such as Ledger Nano X, Trezor Model T, and Ellipal Titan, along with vigilance in verifying transactions and employing phishing detection tools.

Using a hardware wallet could have helped prevent the loss by keeping the victim’s private keys offline and away from phishing attempts. The following hardware wallets offer strong protection against such attacks:

1. Ledger Nano X: With its secure element chip and offline storage capabilities, the Ledger Nano X would have prevented phishing attempts by requiring physical confirmation of transactions, adding a layer of protection against fraudulent signature requests. Or see our review of this wallet here.
2. Trezor Model T: Trezor’s Shamir Backup feature ensures that even if one part of the backup is compromised, funds remain safe. This would have helped mitigate the risk of unauthorized access to the whale’s wallet. Or see our review of this wallet here.
3. Ellipal Titan: The air-gapped security of the Ellipal Titan prevents any online interaction between the wallet and potential phishing attempts, making it impossible for hackers to steal funds through fake permit transactions. Or see our review of this wallet here.

Preventative Steps:

• Always verify URLs and transaction requests before signing anything.
• Use a hardware wallet to store large amounts of cryptocurrency, especially when interacting with decentralized platforms.
• Enable phishing protection tools like ScamSniffer to detect potential scams early.
• Regularly audit and monitor your wallet activity through reliable blockchain analytics.