Phishing Attack Causes Trader to Suffer Loss of $180k in USDC, ANDY Tokens

An Ethereum investor recently became a victim of a phishing attack involving cryptocurrency, resulting in a loss of more than $180,000 in USD Coin (USDC) and ANDY (ANDY), a meme coin inspired by Pepe. According to data from Etherscan, the attack took place on April 23, lasting from 05:39 to 06:29 UTC.

The attackers executed a multi-call phishing attack, combining multiple function calls into a single transaction. Although these individual calls may appear harmless, when combined, they reveal a malicious intent. Transaction data confirms that the attackers transferred funds from the victim’s address to several wallets, some of which were already identified as phishing wallets by Etherscan. The victim lost a total of 1.6 billion ANDY tokens, worth $162,400, and 17,913 USDC.

As a result of the attack, the victim’s account was completely emptied, with only $32 worth of Ethereum (ETH) and Arbitrum (ARB) remaining. Although one of the attacker’s addresses still holds the stolen funds, the second address immediately swapped all the ANDY tokens for WETH on Uniswap and then transferred the WETH to a new address.

It is likely that the attackers exploited the victim’s interactions with smart contracts. These malicious actors often create contracts that appear to perform standard DeFi operations, such as token swapping. However, embedded within these transactions are hidden calls that allow the attackers to gain access to the user’s tokens.

Last month, a similar attack resulted in a loss of $674,000 in USDC. The attackers promptly liquidated the assets through the Ox protocol. A recent report revealed that in February alone, over 57,000 crypto users lost $46 million to phishing attacks.

In other news, Akash Network (AKT) experienced a surge of 48% following its listing on Upbit. Stay updated with the latest news by following us on Google News.