Skip to content
FinancecybersecurityTechnologygeneral-newsCrime-and-justice

Large-scale BNB holder victimized in phishing assault originating from North Korea, losing a substantial $13.5 million.

On Tuesday, a substantial Binance Smart Chain user, known as a 'whale,' suffered a loss of approximately $13.5 million in tokens due to a deceitful phishing scheme.

 and  Administrator
2 min read
Cryptocurrency Heavyweight Suffers $13.5M Loss in Phishing Incident Linked to North Korea
Cryptocurrency Heavyweight Suffers $13.5M Loss in Phishing Incident Linked to North Korea

Large-scale BNB holder victimized in phishing assault originating from North Korea, losing a substantial $13.5 million.

A Binance Smart Chain user has fallen victim to a phishing scam, losing a staggering $13.5 million in digital assets. The attack, which occurred on Tuesday, has left the funds still in the attacker's wallet, as recovery efforts are underway.

The malicious transaction was approved by a user of Venus Protocol, a BNB lending platform that was not hacked. Initial estimates of the losses were revised from $27 million to $13.5 million.

The phishing scam involved imitating a trusted site with minor changes in the domain. It is believed that the attack was not carried out by Venus Protocol, but rather by an imitation of a trusted site.

Venus Protocol's security mechanism was triggered, pausing the protocol, preventing the attacker from moving Venus wrapped tokens from their wallet. This swift action ensured that the assets of other Venus users remain safe.

PeckShield, a security firm, is in contact with the victim and is working to recover the funds. The company has revised the estimated losses in the phishing incident to $27 million.

Initial analysis from security firm ZeroShadow suggests the attackers may be from the Democratic People's Republic of Korea. North Korean scammers are commonly active in cryptocurrency. However, the current security company collaborating with the operator of the phishing scams on the Binance Smart Chain has not been identified in the available search results.

In response to reports of the hack, Venus Protocol community delegate Danny Cooper dismissed them as "fake news." Venus Protocol, along with several security partners including Binance Security, HexaGate, ChaosLabs, and ZeroShadow, are working together to recover the funds.

The attack is still ongoing, as the funds are still in the attacker's wallet. Recovery of the funds is not 100% certain at this moment. The attacker's address for the asset transfer is 0x7fd8...202a.

This incident serves as a reminder for users to exercise caution when dealing with digital assets and to verify the authenticity of any requests for transactions or personal information.

Read also:

Related

Latest