Blockchain security firm Scam Sniffer reported that 15,079 fwDETH (worth about $36 million) was leaked from a crypto whale address in a phishing scam.
According to data from Arkham Intelligence, the phished addresses may be associated with the venture company Continue Capital. The company has not yet commented on the incident.
Meanwhile, Yu Xian, founder of blockchain security company SlowMist, linked the attack to the Angel Drainer phishing group, known as a “drain as a service” (DAAS) provider.
Typically, wallet drainers provide scammers with phishing tools such as fake social media accounts or websites in exchange for a portion of the stolen funds. In 2023, these phishing services stole $295 million from 324,000 victims.
Such phishing scams remain a persistent problem for the cryptocurrency sector. Scam Sniffer reports that such attacks resulted in approximately $126 million in losses in the third quarter of 2024 alone.
DETH Depeg
This attack caused significant disruption to the DeFi market and led to the depegging of DETH, an asset intended to maintain a 1:1 exchange rate with ETH.
On-chain analyst Ember CN revealed that the attackers quickly exchanged the stolen DETH for ETH through a decentralized exchange. However, due to insufficient liquidity in the DETH pool, the attackers only received 2,288 ETH out of the 14,079 DETH sold.
Nevertheless, this act emptied the pool and created a major disconnect between DETH and WETH. The value of stolen assets plummeted 85%, from $35.98 million to $5.5 million.
In an October 11 post on X, decentralized trading platform Duo Exchange acknowledged the phishing attack, but assured users that its protocol remains secure and fully functional. It stated:
“We are aware of a recent phishing attack against some whales on Duo. Over 10,000 DETH were dumped into AMM to cause a drop in DETH price.”
According to DeFillama data, the total amount of assets locked on the platform plummeted from $103 million to $86 million in just one day.
