An unwitting cryptocurrency holder has reportedly fallen victim to an eye-watering $4.46 million phishing scam.
According to data from Etherscan, $4.46 million in Tether (USDT) was withdrawn from a Kraken crypto exchange wallet and eventually sent to an address ending “ACa7.”
Blockchain security firm PeckShield, has labeled the address as being owned by a phishing scammer.
Another blockchain scam platform, Scam Sniffer, suggested on Sept. 20 that the funds were sent to an address linked to a “fake Coinone crypto mining exchange."
Scam Sniffer linked to a user-created Dune Analytics dashboard, suggesting attacks of this nature have seen scammers steal approximately $337.1 million USDT in total, impacting as many as 21,953 individuals.
@tayvano’s Dune Analytics dashboard on USDT Approval Scams. Source: Dune Analytics.
Related: Crypto whale loses $24M in staked Ethereum to phishing attack
The Global Anti-Scam organization says this type of approval mining scam usually tricks victims into authorizing unlimited withdrawals from their cryptocurrency wallet.
“When you create a self-custody crypto wallet [...] you obtain a "private key" that is safeguarded through encryption. However, the fraudsters do not need your seed phrase,” GASO said, explaining on its website that when a victim clicks to partake in the fake mining pool, they’re clicking on a button that will request a $10 to $50 network fee in Ether (ETH).
While it seems reasonable, GASO suggests it is part of to trick the user:
“This is merely a front to obtain your digitally signed authorization, allowing unlimited access to your wallet via the USDT smart contract.”
Magazine: Asia Express: Thailand’s national airdrop, Delio users screwed, Vietnam top crypto country