The best way to avoid losing 1,155 BTC is obviously not having it in the first place. But if you are the lucky owner of a large chunk of crypto, safety should be your main priority. This whale, unfortunately, was not as cautious as they should have been.
On the evening of May 3, Beijing time, a whale mistakenly transferred 1,155 BTC to a phishing wallet address, worth about $71 million at the time. This significant loss serves as a stark reminder of the importance of security in the crypto world.
The hacker monitored the whale’s blockchain activity and saw the whale create a new address. The hacker then generated a similar address to the one the whale created and conducted a small transaction to include this phishing address in the transaction history. When the whale saw the phishing address in their transfer history, they mistakenly copied it, thinking it was their own address. The hacker monitored the phishing address and, upon receiving 1,155 BTC, quickly transferred the funds to a new address.
This incident shows that the hacker was well prepared and used significant computational power, likely indicating an organized effort rather than an individual. The speed and precision of the attack suggest automated scripts were used, and the hacker had access to considerable resources.
To protect your digital assets, create private keys and mnemonic phrases offline and store them securely offline. Use hardware wallets for additional security, but ensure you back up your private keys.
If you suspect your private key or mnemonic phrase is compromised, replace them immediately and transfer your assets. Store transfer addresses in an address book with notes and avoid copying addresses temporarily. Always perform small test transfers and confirm success with the recipient before large transactions.
For large transfers, consider splitting them into multiple smaller transactions. Avoid clicking on transfer links or online transactions sent by others, and always verify links and addresses independently. For larger fund management, consider using multi-signature methods to add an extra layer of security.
Read the full article here