BNB Whale Drained of $27M in DPRK-Linked Phishing Attack

Decrypt
9 hours ago

A user on the Binance Smart Chain has lost $27 million to a phishing scam, according to security experts and those who have spoken with the victim. Several groups are now working with the victim and are attempting to recover the funds.


Early reports indicated that BNB lending protocol Venus Protocol had been hacked, due to the funds being held in Venus wrapper tokens for USDT and USDC. However, blockchain security firm Cyvers and Venus Protocol confirmed to Decrypt that the lending platform is not compromised—meaning the assets of other Venus users are safe.



PeckShield, another security company, also confirmed to Decrypt that it was a phishing scam, that the firm is in contact with the victim, and that it is working to recover the funds.


Venus Protocol community delegate Danny Cooper dismissed reports that the lending protocol had been hacked as “fake news,” telling Decrypt that, “A user falling victim to a phishing attack does not mean the protocol was drained. It was the user’s wallet that got compromised, not Venus.”


Cooper added that initial analysis from security firm ZeroShadow suggests that the "attack fingerprint" strongly points to the attackers being from the Democratic People's Republic of Korea.


North Korean scammers are rife in crypto, with centralized exchange Binance claiming it fends off phishing attempts from the region every single day. Lazarus Group, one of the most notorious hacker outfits in the world, is located in North Korea. According to the FBI, the group was responsible for the infamous $1.4 billion Bybit hack in March—the largest hack in crypto history.



How phishing scams work


Phishing scams involve tricking users into approving malicious transactions by imitating trusted platforms. “They succeed because they exploit human trust and urgency,” Hakan Unal, Senior Security Operations Center Lead at Cyvers, told Decrypt, adding that they usually take place during airdrops and token launches.


According to Cyvers, the attack likely came at the hands of a website that looked like a trusted site, with minor changes in the domain. The victim then approved a malicious transaction, which resulted in their funds being drained from their wallet.
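
The lookalike-domain trick Cyvers describes can be caught before signing by comparing the requesting site's hostname with an allowlist of sites the user actually uses. The following Python check is an added example, not code from Decrypt, Cyvers or Venus Protocol; the hostnames, the small confusables map and the distance threshold are constructed assumptions.

```python
import unicodedata

# Constructed allowlist of hosts the user really signs transactions on.
TRUSTED = {"app.lending.example", "swap.dex.example"}

# Tiny hand-picked look-alike map (assumption; production tools use the
# full Unicode confusables data): digits and Cyrillic letters -> ASCII.
CONFUSABLES = str.maketrans(
    {"0": "o", "1": "l", "\u0430": "a", "\u0435": "e", "\u043e": "o"})


def skeleton(host: str) -> str:
    """Decode punycode labels, then fold look-alike characters to ASCII."""
    labels = []
    for label in host.split("."):
        if label.startswith("xn--"):
            try:
                label = label[4:].encode("ascii").decode("punycode")
            except UnicodeError:
                pass  # undecodable label: compare it as written
        labels.append(label)
    text = unicodedata.normalize("NFKC", ".".join(labels))
    return text.translate(CONFUSABLES).replace("rn", "m")


def edit_distance(a: str, b: str) -> int:
    """Levenshtein distance, computed one row at a time."""
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cur.append(min(prev[j] + 1, cur[j - 1] + 1, prev[j - 1] + (ca != cb)))
        prev = cur
    return prev[-1]


def classify(host: str, trusted=TRUSTED, max_distance: int = 2) -> str:
    """Return 'trusted', 'lookalike' or 'unknown' for a site requesting a signature."""
    raw = host.strip().rstrip(".").lower()
    if raw in trusted:
        return "trusted"  # exact match only; anything merely similar is suspect
    skel = skeleton(raw)
    for good in trusted:
        ref = skeleton(good)
        if (skel == ref or skel.startswith(ref + ".")
                or edit_distance(skel, ref) <= max_distance):
            return "lookalike"
    return "unknown"
```

A "lookalike" result is the case to block or escalate: the host is not on the allowlist but is close enough to a trusted name that a user in a hurry would not notice the difference.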


Following the suspicious transfer, Cooper said, Venus Protocol’s security mechanism was triggered, and the protocol was paused. He said this appears to have prevented the attacker from moving the Venus wrapped tokens from their wallet.


Venus Protocol is also in contact with the victim and is working with several security partners, including Binance Security, HexaGate, ChaosLabs, and ZeroShadow, to help recover the funds. However, Cooper explained, the team isn’t 100% certain that recovery will be possible at this moment.

