Phishing Scam Drains $11 Million from MakerDAO Governance Delegate's Digital Assets
Summary:
A delegate in MakerDAO's governance structure lost $11 million in Aave Ethereum and Pendle USDe tokens due to a phishing scam. The scam involved tricking the user into signing several phishing signatures, which resulted in the loss of digital assets. Scammers are increasingly utilizing an approach called "approval phishing," which tricks victims into signing transactions that grant them wallet access. Scam Sniffer reported that phishing scams cost 320,000 users a total of $300 million in 2023.
A delegate in MakerDAO's governance structure has fallen prey to a phishing scam, resulting in the loss of Aave Ethereum (aEthMK) and Pendle USDe tokens valued at an estimated $11 million. Scam Sniffer tracked and reported the incident in the early morning of June 23. The unfortunate event happened after the user unknowingly signed several phishing-enabled agreements, resulting in the depletion of their digital holdings.
Illegal transactions were executed swiftly from sender address 0xfb94d3404c1d3d9d6f08f79e58041d5ea95accfa, moving 3,657 aEthMK tokens to receiver address 0x739772254924a57428272f429bd55f30eb36bb96, with the transaction processed within 11 seconds. Crypto journalist Colin Wu, with input from Arkham, deduced that the person scammed was an active delegate in MakerDAO's governance framework.
Such delegate roles in MakerDAO's systems are key to its overall operation and decision-making mechanism. Delegates handle voting on governance ideas, regulatory surveys, and executive ballot measures, thereby having an impact on substantial choices within the Maker system. Typically, holders of Maker (MKR) tokens and delegates vote on suggestions, which evolve from preliminary polls to the final executive votes. The approved proposals are then integrated into the Maker system following a delay or waiting period known as the Governance Security Module (GSM), a kind of safety net to curb unexpected modifications to the system.
Phishing scams have become common target methods for those desiring to illegally acquire cryptocurrency. Cointelegraph reported last December that crypto criminals are intensifying their use of “approval phishing” techniques. In this scam, unsuspecting victims are fooled into signing deals that give scammers access to wallets, after which they sweep the funds clean.
Chainalysis noted that this scam practice is not new, but it's increasingly preferred by scam groups known as “pig-butchering.” Cybercriminals often play on the trustworthiness of well-known entities to fool individuals into revealing confidential information. In this situation, the user was tricked into authorizing several Permit network phishing agreements, leading to the loss of their tokens.
In its report earlier this year, Scam Sniffer stated that in 2023 alone, phishing scams claimed $300 million from 320,000 users. The publication cited severe cases whereby a single victim lost up to $24.05 million due to phishing agreements like Permit, Permit 2, Approve, and Increase Allowance.
Published At
6/23/2024 3:50:28 PM
Disclaimer: Algoine does not endorse any content or product on this page. Readers should conduct their own research before taking any actions related to the asset, company, or any information in this article and assume full responsibility for their decisions. This article should not be considered as investment advice. Our news is prepared with AI support.
Do you suspect this content may be misleading, incomplete, or inappropriate in any way, requiring modification or removal?
We appreciate your report.