On Tuesday, a cryptocurrency whale suffered a loss, with approximately $55.4 million worth of Dai stablecoin stolen in a phishing attack.
According to the blockchain security firm CertiK, the attacker likely used a phishing tool known as Inferno Drainer to gain access to the whale’s externally owned account (EOA).
Inferno Drainer Phishing Attack
The incident was first reported by on-chain sleuth ZachXBT in a Telegram post, where he highlighted the breach before CertiK confirmed the news.
Inferno Drainers are notorious for deceiving victims by mimicking legitimate websites or emails from well-known cryptocurrency exchanges or decentralized finance (DeFi) protocols, ultimately compromising their private information.
The attack targeted a Maker Vault, a collateralized debt position that allows users to borrow the U.S. dollar-pegged Dai stablecoin by depositing collateral. CertiK explained that the bad actor exploited a vulnerability to gain control of the whale’s Maker Vault through the compromised EOA.
The hacker then transferred ownership of the victim’s DSProxy #166,776, a smart contract that enables users to execute multiple contract calls in a single transaction, to a new address under their control.
The attacker changed the protocol’s owner address to their wallet after gaining control and minted almost 56 million in DAI, effectively draining the vault of its funds.
July Sees Over $270M in Losses
This incident is the latest in a series of high-profile hacks targeting the crypto space. Earlier this week, ZachXBT reported a separate breach involving the theft of 4,064 Bitcoin (BTC), worth approximately $238 million.
The stolen BTC stash was quickly transferred across multiple platforms, including THORChain, KuCoin, ChangeNow, Railgun, and Avalanche Bridge.
Although the exact method used in the heist remains unclear, experts believe a combination of phishing, social engineering, and exploiting wallet vulnerabilities may have been involved.
According to CertiK, more than $270 million was lost in various hacks, exploits, and scams across Web3 projects in July alone. This figure marks the second-highest monthly loss recorded in 2024, with attackers returning only $7.8 million of the stolen funds.
The report highlighted the various methods used by the bad actors, including exit scams, which accounted for approximately $3 million in losses, flash loans with an estimated $265.8 million lost, and other exploits totaling around $9.8 million.
DeFi protocols have become a prime target for cybercriminals, as DEX aggregation and bridging protocol LI.FI suffered a $10 million loss due to a security breach last month.
Additionally, the WazirX hack, which saw over $230 million funneled through the controversial mixing service Tornado Cash, left several retail investors with losses.