A recent report highlights a disturbing incident in which an individual lost $4.2 million in a cryptocurrency phishing scam that used opcode malware.
The victim, who remains unidentified, fell prey to the scam involving aEthWETH and aEthUNI tokens. The attack was executed using a falsified ERC-20 permission signature, as revealed by the Web3 security firm Scam Sniffer.
The victim unknowingly approved multiple transactions using the manipulated ERC-20 authorization, which allowed the attackers to bypass security alerts. The deceptive tactic involved creating new addresses for each signature and diverting the funds to an unauthorized address before executing the transactions.
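A pre-signing check of the kind a wallet or reviewer could run on such a request, as an added example that is not from the report or from Scam Sniffer. It assumes the "ERC-20 permission signature" is an EIP-2612 permit presented as EIP-712 typed data, and it uses an allowlist of spenders because the report says a new address was created for each signature, which defeats blocklists; the function name, policy fields and all addresses are constructed for illustration.

```javascript
// An EIP-2612 permit is signed off-chain: nothing is sent on-chain until
// whoever holds the signature submits it, so the review must happen before signing.
const MAX_UINT256 = (1n << 256n) - 1n;
const PERMIT_FIELDS = ["owner", "spender", "value", "nonce", "deadline"];

// Hypothetical helper: returns the risk findings for one signing request.
function reviewSigningRequest(typedData, policy) {
  const { knownSpenders, nowSec, maxDeadlineSec = 3600 } = policy;
  const findings = [];
  if (typedData.primaryType !== "Permit") return { isPermit: false, findings };

  const msg = typedData.message || {};
  const missing = PERMIT_FIELDS.filter((f) => !(f in msg));
  if (missing.length > 0) {
    findings.push("malformed permit, missing: " + missing.join(", "));
    return { isPermit: true, findings };
  }
  // Allowlist comparison is case-insensitive (addresses may be checksummed).
  const allow = new Set(knownSpenders.map((a) => a.toLowerCase()));
  if (!allow.has(String(msg.spender).toLowerCase())) {
    findings.push("spender is not on the allowlist");
  }
  if (BigInt(msg.value) === MAX_UINT256) {
    findings.push("unlimited allowance requested");
  }
  if (BigInt(msg.deadline) - BigInt(nowSec) > BigInt(maxDeadlineSec)) {
    findings.push("deadline is far in the future");
  }
  return { isPermit: true, findings };
}

// Constructed sample request (placeholder addresses, not from the incident).
const sampleRequest = {
  primaryType: "Permit",
  domain: { name: "ExampleToken", chainId: 1, verifyingContract: "0x" + "11".repeat(20) },
  message: {
    owner: "0x" + "aa".repeat(20),
    spender: "0x" + "bb".repeat(20),
    value: MAX_UINT256.toString(),
    nonce: "0",
    deadline: "4102444800",
  },
};
const samplePolicy = { knownSpenders: ["0x" + "cc".repeat(20)], nowSec: 1700000000 };
console.log(reviewSigningRequest(sampleRequest, samplePolicy));
```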
Opcode malware, a type of malicious software that exploits operation codes in scripting languages on various platforms, played a central role in this attack. Opcode malware is known for its ability to reroute funds, authorize unauthorized expenditures, and immobilize assets within smart contracts. It often evades traditional security measures, making detection and removal challenging.
Security experts explain that opcode malware can take control of a victim’s CPU, memory, and system resources by exploiting vulnerabilities in the operating system, applications, or other software running on the victim’s computer. Once inside the system, the malware can execute a series of instructions presented as machine code to carry out malicious activities.
Opcode malware can also utilize a victim’s system resources for cryptocurrency mining or launch distributed denial-of-service (DDoS) attacks.
Phishing activities have seen a consistent monthly increase over the past year, with phishing scammers employing increasingly sophisticated tactics to bypass security measures. Even crypto whales holding significant market-influencing assets have fallen victim to these fraudsters, resulting in substantial losses running into millions of dollars.