Latest News: An organization or whale was precisely phished, resulting in a loss of 5000WU. Below is the entire process and preventive measures⬇️:
1. Incident Overview: An organization/whale lost 50 million USDT due to a phishing attack caused by a transfer operation error.
2. Operation Process:
- Withdraw 50 million USDT from Binance and test transfer 50 USDT to the planned transfer address.
- The phisher generated an address with the same first and last 3 digits and transferred 0.005 USDT to it.
- When the user officially transferred, they copied the address from the recent transaction record, resulting in 50 million USDT being sent to the phisher's address.
- The phisher quickly exchanged the funds for DAI, then bought ETH, and laundered the money through Tornado Cash.
Countermeasures:
1. Verify Address: Before making large transfers, be sure to manually check the integrity and accuracy of the receiving address to avoid directly copying addresses from recent transaction records.
2. Double Confirmation: Use blockchain explorers and other tools to verify the historical transaction records and related information of the receiving address to ensure its legality and security.
3. Small Amount Test: Before making large transfers, conduct a small amount test transfer to confirm that the funds can safely reach the target address.
4. Be Wary of Phishing: Raise security awareness and be cautious of any abnormal transfer requests or address changes to avoid phishing attacks.
5. Timely Freezing: Once funds are found to be stolen, immediately contact relevant platforms or institutions to attempt to freeze the account and recover the funds.
Phished Whale/Organization Address:
0xcB80784ef74C98A89b6Ab8D96ebE890859600819
