Disclaimer: Information found on CryptoreNews is those of writers quoted. It does not represent the opinions of CryptoreNews on whether to sell, buy or hold any investments. You are advised to conduct your own research before making any investment decisions. Use provided information at your own risk.
CryptoreNews covers fintech, blockchain and Bitcoin bringing you the latest crypto news and analyses on the future of money.
A GigaChad (GIGA) token investor recently suffered a loss of $6 million due to a sophisticated phishing scheme, representing another significant setback for a cryptocurrency holder through social engineering methods.
The breach was confirmed on November 12 and specifically targeted the individual, who goes by the online alias “Still in the Game,” via a counterfeit Zoom link intended to capture wallet credentials.
I want to be open – the substantial sell-off of $GIGA today was a result of one of my wallets being compromised through a fraudulent Zoom link.
This is painful, but I will return. I will always remain in the game.
Please exercise caution and avoid clicking on links from unknown sources…— Still in the Game (@stigstigstig_) November 11, 2024
This incident prompted an immediate sell-off of GIGA tokens and a noticeable downturn in the market.
The hacker utilized a seemingly authentic Zoom link, exploiting a slight variation in the URL to gain unauthorized access to the investor’s wallet.
On-chain investigations by Scam Sniffer and Onchain Lens reveal that once inside, the hacker successfully extracted 95.3 million GIGA tokens and converted these assets into more liquid stablecoins, complicating tracking and recovery efforts.
GigaChad Token Phishing Incident: How $6M Was Stolen
The phishing event initiated when the victim, “Still in the Game,” clicked on what seemed to be a regular Zoom meeting invitation link.
However, blockchain security firm Scam Sniffer later identified that the link, crafted to imitate an official Zoom URL, redirected the user to a counterfeit site designed to install malware.
This enabled the hacker to gather sensitive wallet information and monitor transactions from the victim’s device.
After obtaining access, the hacker quickly liquidated the stolen GIGA tokens valued at approximately $6.09 million.
Onchain Lens detailed how the attacker initially converted the GIGA tokens into 11,759 Solana (SOL) tokens, estimated at around $2.1 million, before further dividing the funds into Tether (USDT) and USD Coin (USDC) stablecoins.
A scammer drained three wallets containing $GIGA, resulting in a significant sell-off and a notable sell wick.
The scammer stole 95.27M $GIGA, valued at $6.09M prior to the sell-off, and exchanged it for 11,759 $SOL, worth $2.1M.
Subsequently, the scammer converted $SOL into $USDC and $USDT and… https://t.co/vuDVDINdua pic.twitter.com/8BkQ31RVzv— Onchain Lens (@OnchainLens) November 12, 2024
These stablecoins were then distributed across multiple wallet addresses, including a deposit of 700 SOL into a KuCoin exchange wallet.
Related Posts
Hackers frequently employ this strategy. They distribute the assets across various tokens and wallets, effectively concealing the stolen funds and evading immediate detection.
The counterfeit Zoom link featured a minor alteration in the URL, a tactic known to deceive even vigilant users.
Scam Sniffer’s tweet on the issue highlighted how subtle variations in URLs can serve as a powerful tool for hackers:
“Compare carefully: us04-zoom[.]us vs. us02web.zoom[.]us.”
This similarity is crucial to the success of the attack. To avert such incidents, users are advised to verify URLs from unfamiliar sources before clicking on them.
WARNING: Beware of fake Zoom malware!
A $GIGA holder lost millions!
Compare carefully:
us04-zoom[.]us
us02web.zoom[.]us
They appear similar, right? That’s the trap!pic.twitter.com/RWMur5MM7V
— Scam Sniffer | Web3 Anti-Scam (@realScamSniffer) November 12, 2024
pic.twitter.com/RWMur5MM7VIncreasing Security Concerns Amid Ongoing Investigations
In the aftermath of the attack, “Still in the Game” disclosed that he had engaged the FBI and a forensic team to trace the stolen assets.
Although recovering assets in the crypto space remains challenging due to the pseudonymous nature of blockchain.
This is not the first loss this quarter. Over $60 million has been lost to phishing attacks in Q4 thus far.
The most recent phishing incident prior to this resulted in the loss of over $36 million in wrapped Ethereum tokens (fwDETH) from a crypto venture capital fund associated with Continue Capital.
This attack took place on October 11 and exploited a fraudulent “permit” signature, allowing users to authorize transactions without directly interacting with their assets.
Similarly, on September 29, a whale lost $32.4 million in spWETH tokens; another lost $55.4 million in Dai stablecoins in August.
According to CertiK, over $753 million was lost to fraud in Q3 2024, including $127 million in phishing, making crypto the second most targeted sector for identity fraud in Q2.
The post GigaChad Token Holder Loses $6M in Phishing Attack appeared first on Cryptonews.
