????Yello Paradisers!
Here is some breaking news for you. A high-profile crypto investor has been swindled out of $24 million in staked Ethereum, with the funds being staked through the Rocket Pool platform.
???? Details of the Attack
The attacker managed to steal the funds in just two transactions, compromising 9,579 stETH and 4,851 rETH. These stolen assets were valued at $15.5 million and $8.5 million, respectively, at the time of the attack on September 6.
???? Aftermath
According to PeckShield, a cybersecurity firm, the attacker converted the stolen assets into 13,785 Ether tokens. A large chunk of these tokens has already been moved to the FixedFloat cryptocurrency exchange.
???? Tracking the Funds
MistTrack, a specialized crypto tracking team, has reported that the majority of the remaining stolen assets have been transferred to three distinct addresses.
???? Security Risks
The victim had previously enabled token approvals for the scammer by signing transactions that increased allowances, a feature inherent to ERC-20 tokens that has been identified as a security risk.
This event occurs in the backdrop of multiple Ethereum liquid staking providers, including Rocket Pool, initiating measures to limit their ownership to no more than 22% of the Ethereum staking market.
???? Final Thoughts
This alarming incident underscores the inherent risks in staking and token approvals, particularly in the rapidly evolving landscape of liquid staking.
????ParadiseTeam ????
