Crypto whale loses 55.4 million USD worth of Dai stablecoins in phishing attack
2 min readA cryptocurrency whale has lost approximately 55.4 million USD worth of Dai stablecoins due to a sophisticated phishing attack. The incident was initially reported by on-chain researcher ZachXBT and later confirmed by security firm CertiK.
The attack appears to have been carried out using a phishing tool known as Inferno Drainer. It lures victims into providing sensitive information through fake websites or emails that mimic legitimate cryptocurrency exchanges or decentralized finance (DeFi) protocols.
Once the hacker gained access to the whale’s externally owned account (EOA), he was able to exploit a vulnerability that allowed him to take control of a “Maker Vault.”
Hacker Takes Control of Crypto Whale EOA
Maker Vaults are collateralized debt positions where users can borrow Dai stablecoins by depositing collateral.
The hacker, after gaining control of the whale’s EOA, transferred ownership of the victim’s DSProxy — a smart contract that allows multiple contract calls in a single transaction — to a new address they controlled. This allowed the hacker to change the vault owner’s address to their own and create 55,473,618 Dai stablecoins directly in their wallet.
Security firm Blocksec provided further details, confirming that the criminal tricked the victim into signing a transaction that changed the vault’s ownership.
On-chain data indicated that ownership of DSProxy was transferred from the Maker Vault to an address labeled Fake_Phishing187019 on Etherscan during the phishing process.
The address later transferred ownership to another address, 0x5D4b2, which is now involved in withdrawing the stolen funds and possibly laundering them.
Blocksec analyst Jingyi Guo suggested that the victim likely signed a phishing transaction, especially since his attempts to invoke DSProxy failed after the ownership transfer.
A recent report from Chainalysis revealed a decline in illicit cryptocurrency transactions in 2024, even as specific types of criminal activity in the sector increased. Released on August 15 as part of the company’s mid-year update on crypto crime, the report found that hacking and ransomware attacks are becoming increasingly common.
Two categories in particular — funds stolen through hacking and ransomware attacks — saw an increase in frequency. By the end of July, the cumulative value of stolen cryptocurrencies reached 1.58 billion USD. This is an 84% increase compared to the same period in 2023.
While the number of hacking incidents increased only slightly (2.8% year-over-year), the average amount stolen per hack skyrocketed dramatically. In July alone, hackers stole approximately 266 million USD through 16 separate breaches, causing substantial losses to the crypto sector.
The July 18 attack on Indian cryptocurrency exchange WazirX stands out. This attack alone accounted for over 230 million USD, or 86.4%, of the month’s total losses.
Other victims of July’s crypto hacks included algorithmic protocol Compound Finance (24 million USD lost), bridge protocol Li.Fi (10 million USD), decentralized AI protocol Bittensor (8 million USD) and liquidity provider Rho Markets (8 million USD).
Finally, June saw a smaller loss of 176 million USD spread across approximately 20 incidents.
