As Scam Sniffer reported, a crypto whale with the wallet address 0x13e3 lost 4,850 rETH ($8.5 million) and 9,579 stETH ($15.6 million) in a phishing attack. This amount of stETH and rETH was first transferred directly to the attacker’s wallet 0x693b, then converted to ETH and transferred to 3 different addresses. rETH and stETH are both key tokens in the liquid staking ecosystem, associated with Rocket Pool and Lido respectively.
Further scrutiny through the DeBank portfolio revealed that the stETH holdings of the compromised wallet on the LIDO protocol were nearly reduced to zero. To find out the cause of the attack, they examined the two transactions involving the whale wallet and found that both of these transactions are somehow related to 0x4c10 – the wallet has been labeled as Fake_Phishing by Etherscan.
Before transferring $24 million worth of rETH and stETH, whale wallet 0x13e3 has granted permission through the “increaseAllowance” method, which gave the scammer permission to increase withdrawal limits for these tokens.
According to Scam Sniffer, the wallet 0x4c10 has previously been linked to many other crypto scam websites. The evaluation tool rated wallet 0x4c10 with a “severe” score of 100.
It is possible that the whale wallet accessed a crypto website containing a phishing link and during the transaction signing process, the scammers withdrew a large amount of stETH and rETH. Even so, the balance in the whale’s wallet is still $16.3 million.
Besides phishing attacks, there are many other scam methods, so traders and investors need to be very careful.