Blockchain security firm Scam Sniffer reported that a crypto whale’s address was drained of 15,079 fwDETH, worth approximately $36 million, in a phishing scam.
Data from Arkham Intelligence suggest that the phished address might be linked to the venture firm Continue Capital. The firm has yet to comment on the incident
Meanwhile, Yu Xian, the founder of blockchain security firm SlowMist, linked the attack to the Angel Drainer phishing group, a known provider of “draining-as-a-service” (DAAS).
Typically, wallet drainers supply scammers with phishing tools like fake social media accounts, websites, and others in return for a share of the stolen funds. In 2023, these phishing services contributed to the theft of $295 million from 324,000 victims.
Phishing scams like this remain a persistent issue for the crypto sector. Scam Sniffer reported that such attacks caused losses of around $126 million in the third quarter of 2024 alone.
DETH depeg
The attack caused a significant disruption in DeFi markets, leading to the depegging of DETH, an asset meant to maintain a 1:1 exchange rate with ETH.
On-chain analyst Ember CN revealed that the attacker swiftly swapped the stolen DETH for ETH through a decentralized exchange. However, the liquidity in the DETH pool was insufficient, resulting in the attacker receiving only 2,288 ETH of the 14,079 DETH sold.
Nevertheless, the action drained the pool, causing a major decoupling between DETH and WETH. The value of the stolen assets plummeted by 85%, from $35.98 million to $5.5 million.
In an Oct. 11 post on X, decentralized trading platform Duo Exchange acknowledged the phishing attack but assured users that its protocols remained safe and fully functional. It stated:
“We are aware of the recent phishing attack on some of the whales of Duo. Over 10k DETH was dumped on AMMs to cause a depeg of DETH price.”
According to DeFillama data, the total value of assets locked on the platform dropped sharply, falling to $86 million from $103 million in just one day.