Sophisticated Multi-Sig Wallet Phishing Attack via Fake Etherscan-Verified Contract

code2exit

September 15, 2025

설명

Attacker deployed a fake but Etherscan-verified contract 2 weeks prior and exploited Safe Multi Send mechanism in a sophisticated phishing attack. Drained $3,047,000 USDC from victim's 2-of-4 multi-signature wallet. Attack executed through address spoofing (matching first/last characters) and hidden malicious approvals via Request Finance app interface. Pattern: Address spoofing (first/last character matching) Fake Etherscan-verified contracts Safe Multi Send mechanism abuse Non-standard approval transactions Request Finance app interface exploitation

지갑 정보

관련 지표