Phishing

Sophisticated Multi-Sig Wallet Phishing Attack via Fake Etherscan-Verified Contract

code2exit
code2exit

September 15, 2025

Description

Attacker deployed a fake but Etherscan-verified contract 2 weeks prior and exploited Safe Multi Send mechanism in a sophisticated phishing attack. Drained $3,047,000 USDC from victim's 2-of-4 multi-signature wallet. Attack executed through address spoofing (matching first/last characters) and hidden malicious approvals via Request Finance app interface. Pattern: Address spoofing (first/last character matching) Fake Etherscan-verified contracts Safe Multi Send mechanism abuse Non-standard approval transactions Request Finance app interface exploitation

Wallet Information

Trust Wallet

to be extracted from blockchain data

https://cryptoslate.com/new-sophisticated-phishing-exploit-drains-3m-in-usdc-from-multi-sig-wallet/

Related Indicators

Security TypeData TypeData Sub TypePattern
BlacklistCrypto AddressEthereumRefer to description
post_like_sub0
post_total_comment_sub0

12 reads

Show Your Support!

You are about to donate to the code2exit. Supporting great contributions helps strengthen our community.

Your current CBP0
Donation Amount
cbpCBP

Donations are final and cannot be refunded. Thank you for supporting the ChainBounty community!

0/500 bytes

Signing in progress...

Please sign your wallet messages to ensure a secure connection.