$2M Lost in Just 24 Hours as Phishing Scams Cause Chaos in Base Chain
The past day has been chaotic for the Base network, resulting in over $2 million in damages from a phishing attack. These unfortunate incidents highlight the constant risk of falling prey to cybercriminals and their fraudulent schemes, particularly targeting cryptocurrency users.
According to Scamsniffer, the latest victim fell victim to a phishing scam, losing $1.2 million worth of AERO tokens. Just a few hours earlier, another individual was tricked into a phishing attack, resulting in the theft of $846,610 worth of $DEGEN tokens through double spending and the successful use of the ERC20 Permit.
Another victim lost $1.2M of AERO to a phishing scam 6 hours ago.
In the past 24 hours, the Base chain has seen phishing losses near $2M.️
https://t.co/JdNxoxc0Pk
pic.twitter.com/TzK20TK4DF
— Scam Sniffer | Web3 Anti-Scam (@realScamSniffer)
April 11, 2024
The Munchables attack on the Base network is just one example of the larger problem of vulnerabilities in the crypto ecosystem. In late March, the NFT video game Munchables, situated on the Ethereum layer 2 Blast network, experienced a hack that resulted in the theft of approximately $62 million worth of assets. While the stolen crypto was eventually recovered through a white hat rescue, this incident highlights the weaknesses in the network protocol.
The highly vulnerable design of the EVM (Ethereum Virtual Machine) is responsible for these hacks. Common issues such as lack of security extensions have made the EVM susceptible to buggy smart contract flaws, resulting in over $2 million being stolen within a 24-hour period.
Specifically, the activation of ERC-3074 plays a significant role in these alarming events. This protocol allows token owners to be targeted through phishing attacks, where malicious individuals can use fake signatures to remove all tokens and NFTs from a user’s account, amplifying the impact of this type of malware attack.
These incidents serve as a clear indication of the urgent need for comprehensive security measures and safeguards to protect users and their cryptocurrency assets.