<p>An individual has seemingly lost $24 million in cryptocurrencies, with on-chain data pointing to a phishing attack as the likely cause.</p>\r\n<p>The stolen assets include liquid staking derivatives — 4,851 Rocket Pool ETH (rETH) valued at $8.5 million — and 9,579 Lido Staked ETH ($15.6 million). This makes it one of the largest individual crypto phishing incidents to date.</p>\r\n<p>Multiple security firms stated that the attack likely involved a phishing tactic. According to them, the individual was lured into authorizing a transaction from their <a href="https://etherscan.io/address/0x13e382dfe53207e9ce2eeeab330f69da2794179e#tokentxns">Ethereum wallet</a> through a malicious link.</p>\r\n<h2>Falling for a phishing attack</h2>\r\n<p>Phishing attacks involve tricking users into signing transactions and interacting with malicious smart contracts, as was the case in this incident. “The funds were stolen via the transferFrom function, we suspect this was done with a phishing link,” Mario B, analyst at security firm Beosin, told The Block.</p>\r\n<p>After interacting with the phishing link, on-chain data shows that the individual seemingly <a href="https://etherscan.io/tx/0xbb4fe89c03d8321c5bfed612fb76f0756ac7e99c1efaf7c4d99d99f850d4de53">granted</a> the perpetrator the required permissions to execute a ‘transferFrom’ function. Shortly after unintentionally authorizing the transaction, the assets were moved to an address designated as “<a href="https://etherscan.io/address/0x693b725a375f599f0b6efa0d910e749e1bec1555#tokentxns">Fake_Phishing186943</a>” by the block explorer Etherscan.</p>\r\n<p>“The victim gave the token approvals for rETH and stETH to the phishers in two separate transactions. It is highly likely that the signing of these transactions occurred after accessing a phishing link,” BlockSec analyst Jingyi Guo said.</p><br /><span class="copyright"><p>© 2023 The Block Crypto, Inc. All Rights Reserved. This article is provided for informational purposes only. It is not offered or intended to be used as legal, tax, investment, financial, or other advice.</p>\n</span>