Crypto VC fund-tied entity losses $36m by signing phishing permit transaction: report

10/11/2024 14:42
Crypto VC fund-tied entity losses $36m by signing phishing permit transaction: report

An entity reportedly linked to a crypto venture capital fund has lost over $35 million in tokens due to a malicious permit transaction

Crypto VC fund-tied entity losses $36m by signing phishing permit transaction: report

An entity reportedly linked to a cryptocurrency venture capital fund has lost over $35 million in tokens due to a malicious permit transaction.

An unidentified on-chain entity has suffered a staggering loss of wrapped Ethereum (ETH) tokens valued at $36 million after inadvertently signing a malicious transaction.

Crazy!

Someone(probably related to @ContinueFund) lost 15,079 fwDETH(worth $36M) by signing a "permit" phishing signature 6 hours ago!

To avoid being phished, please do not click on any unknown links and do not sign any unknown signatures.
Always double-check when signing… pic.twitter.com/dTG4Uzsf43

— Lookonchain (@lookonchain) October 11, 2024

In an X post on Friday, Oct. 11, blockchain monitoring account Lookonchain reported that the entity, believed to be associated with the crypto venture capital fund Continue Capital, lost 15,079 fwDETH — wrapped ETH tokens on Blast’s chain — due to a “permit” phishing signature. As of press time, Continue Capital made no public statements on the matter.

TL;DR: An unknown suspicious address obtained tens of thousands of fwdETH through the permit method and sold them, causing the price of dETH to plummet rapidly, leading to attacks on protocols like PAC Finance and Orbit Finance.https://t.co/FwsGhSfs0q@RingProtocol

— roffett.eth (@roffett_eth) October 11, 2024

Following the news, the price of fwDETH plummeted by more than 95% in its trading pair with fwWETH before rebounding to a 40% decline. An X user under the alias @roffett_eth pointed out that the price drop led to “attacks on protocols like PAC Finance and Orbit Finance,” though the extent of these attacks remains unclear. Neither project has commented on the situation as of this writing.

Phishing attacks in the cryptocurrency sector are becoming increasingly sophisticated, often disguised as legitimate requests for user permissions. In this case, the victim appears to have fallen victim to a tactic that exploits user trust in digital signatures, underscoring the persistent risks within the crypto landscape.

Read more --->