According to CryptoPotato, an unidentified individual recently lost $4.2 million worth of aEthWETH and aEthUNI due to a crypto phishing attack that used a falsified ERC-20 permission signature. Web3 security firm Scam Sniffer reported that the victim unknowingly signed approvals for multiple transactions using an ERC-20 authorization manipulated by an opcode contract to bypass security alerts. This tactic involved generating new addresses for each signature and redirecting the funds from the victim to an unauthorized address before the transactions were executed.
Opcode malware, a type of malicious software that exploits operation codes in scripting languages of different platforms, is at the core of such attacks. It can reroute funds, authorize unauthorized expenditures, and immobilize assets within smart contracts, often eluding traditional security measures and complicating detection and removal efforts. Experts suggest that opcode malware can seize control of a victim’s CPU, memory, and system resources by exploiting weaknesses in the operating system, applications, or other software running on the victim’s computer. Once it has infiltrated a system, the malware can initiate a sequence of instructions presented as machine code, enabling it to carry out malicious activities. Opcode malware can also use system resources to mine cryptocurrency or launch distributed denial-of-service (DDoS) attacks.
Phishing activity has risen consistently every month over the past year, with scammers adopting increasingly advanced tactics to circumvent security measures. Even crypto whales with substantial market-influencing holdings have fallen prey to fraudsters, losing millions in funds in the process.
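
The signing step described in the first paragraph is the point where a wallet-side check can still intervene. The following is an added example, not code from Scam Sniffer or any wallet: it assumes the "permission signature" arrives as an EIP-2612 `Permit` in EIP-712 typed data, and it uses a spender allowlist rather than a blocklist, because a fresh address per signature defeats blocklists. The function name, the one-hour deadline policy and all addresses are assumptions constructed for illustration.

```javascript
// Added example: review a typed-data signing request before the user signs it.
// Assumes the EIP-2612 Permit layout (owner, spender, value, nonce, deadline).
const MAX_UINT256 = (1n << 256n) - 1n;
const MAX_DEADLINE_SECS = 3600n; // assumed policy: permits valid for at most 1 hour

function reviewSigningRequest(typedData, allowedSpenders, nowSecs) {
  const findings = [];
  // Anything that is not a Permit is out of scope for this check.
  if (!typedData || typedData.primaryType !== "Permit") return findings;
  // A Permit is a token approval even though no transaction is shown or paid for.
  findings.push("TOKEN_APPROVAL");
  const msg = typedData.message || {};
  try {
    const spender = String(msg.spender).toLowerCase();
    // Allowlist: an address never seen before is suspicious by default.
    if (!allowedSpenders.has(spender)) findings.push("UNKNOWN_SPENDER");
    // Unlimited allowance lets the spender move the whole balance.
    if (BigInt(msg.value) === MAX_UINT256) findings.push("UNLIMITED_VALUE");
    // A far-off deadline lets the signature be redeemed long after signing.
    if (BigInt(msg.deadline) - BigInt(nowSecs) > MAX_DEADLINE_SECS) {
      findings.push("LONG_DEADLINE");
    }
  } catch (err) {
    // Missing or non-numeric fields: refuse rather than guess.
    findings.push("MALFORMED_FIELDS");
  }
  return findings;
}

// Constructed sample request; every address here is a placeholder.
const sampleRequest = {
  primaryType: "Permit",
  domain: { name: "ExampleToken", version: "1", chainId: 1,
            verifyingContract: "0x" + "aa".repeat(20) },
  message: {
    owner: "0x" + "11".repeat(20),
    spender: "0x" + "22".repeat(20), // not on the allowlist below
    value: MAX_UINT256.toString(),
    nonce: "0",
    deadline: "1893456000",
  },
};
const allowedSpenders = new Set(["0x" + "33".repeat(20)]);

console.log(reviewSigningRequest(sampleRequest, allowedSpenders, 1700000000));
```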