An unidentified individual recently suffered a significant loss of aEthWETH and aEthUNI, totaling $4.2 million, falling victim to a crypto phishing attack that leveraged a falsified ERC-20 permission signature.
According to the Web3 security firm Scam Sniffer, the victim unwittingly signed approvals for multiple transactions using an ERC-20 authorization manipulated by an opcode contract to bypass security alerts.
This deceptive tactic involved generating new addresses for each signature and redirecting the funds from the victim to an unauthorized address before the transactions were executed.
For the uninitiated, opcode malware, a type of malicious software exploiting operation codes in scripting languages of different platforms, is at the core of such attacks.
Its ability to reroute funds, authorize unauthorized expenditures, and immobilize assets within smart contracts makes it a potent threat, often eluding traditional security measures and complicating detection and removal efforts.
Experts suggest that opcode malware can seize command over a victim’s CPU, memory, and system resources by capitalizing on weaknesses in the operating system, applications, or other software operational on the victim’s computer.
Upon infiltrating the system, the malware can initiate a sequence of instructions presented as machine code, enabling it to carry out malicious activities.
Opcode malware can also use system resources to mine cryptocurrency or launch distributed denial-of-service (DDoS) attacks.
There has been a consistent monthly rise in phishing activities over the past year, marked by phishing scammers adopting increasingly advanced tactics to circumvent security measures.
Even crypto whales with substantial market-influencing holdings have fallen prey to fraudsters, losing millions of funds in the process.