Cryptowell loses $35m in Blast Network phishing attack
A crypto-well lost $35M on the Blast network by FwDETH due to a phishing attack. The attacker liquidated 15,079 fwDETH, causing the price to drop from $2,000 to $100. The incident raised security concerns in DeFi, which impacted the Blast Network audit.
A crypto-well recently lost a few bundles of Duo ETH (fwDETH) tokens worth about $35 million in a massive phishing attack on the Blast network.
The attack was first reported by Scam Sniffer and later confirmed by security firms PeckShield and Blocksec after the victim unwittingly signed a fake “authorization” signature, which allowed the attacker to withdraw the money from the wallet.
What is Few Pack Duo ETH (fwDETH)?
Somewhat wrapped Duo ETH, or fwDETH, is a bundled version of Duo ETH (DETH), a derivative of Ethereum (ETH) issued by Duo, a decentralized finance (DeFi) running on the Blast network.
The stolen tokens, totaling 15,079 fwDETH, represent a significant loss for the whale whose wallet address is 0xEab2E…a393.
How was the phishing attack on Blast orchestrated?
Security experts say the phishing attack was executed by tricking Whale into signing an offline “authorization” message, which is typically used in DeFi transactions to authorize token transfers without the use of private keys.
According to Blocksec co-founder Yajin (Andy) Zhou, the signed authorization message was used by the attacker to extract fwDETH tokens from the victim's account.
This event had immediate consequences not only on whales but also on the price of DETH.
Within hours of the attack, DETH's price plummeted by more than 38%, dropping from $3,482 to $2,150 after the attacker destroyed the stolen tokens.
The price of fwDETH has dropped over 90% from $2,000 to $100. While the token's price later stabilized and partially recovered to $1,000, the drastic drop sent shockwaves through the explosive network and the broader crypto community.
This phishing attack highlights the constant security risks facing crypto investors, especially those who hold large amounts of digital assets.
The explosive network and associated protocols are now likely to face intense scrutiny as a result of the incident.