BlockTalkToday Logo

BlockTalkToday

Home
/
Industry news
/
Bitcoin and ethereum news
/

$6.28 million stolen in major st eth and a eth wbtc heist

$6.28M Stolen in stETH and aEthWBTC | Phishing Scam Hits One User Big

By

Aisha Ndangali

Sep 20, 2025, 05:33 PM

Edited By

Fatima Al-Mansoori

3 minutes needed to read

Visual representation of a phishing attack with stolen cryptocurrency symbols, highlighting the $6.28 million theft involving stETH and aEthWBTC.

In a shocking incident early this morning, a single victim lost $6.28 million in stETH and aEthWBTC due to a phishing scam. This theft may represent the largest total value lost in a single wallet draining operation this year, potentially linked to the notorious Inferno/Angel Drainer.

The Mechanics of the Scam

Sources indicate that the attack appears to be the result of a spearphishing effort, targeting a whale in the crypto community. The perpetrator's contract was likely interacted with unknowingly by the victim, who mistakenly approved the transfer of their assets. Recent trends show a surge in fake websites on search engines, which mislead users into interacting with malicious contracts.

"Most of these phishing scams tend to take place when a user interacts with a malicious contract or website," an observer noted.

The fraud's structure indicates an 80/20 split, favoring the malicious actor. The critical details of the involved wallets include:

  • Victim Wallet: 0x0d18D7C855668EB1Ba06005b199838F38E00D7e3

  • Malicious Contract: 0xa2e8Dfc32767f43611ABb43F66308E7Eb9C224F8

  • Inferno/Angel Customer Wallet: 0x1623915E35Ed39Bfa381010Ce224f89734889aC9

Following the Funds

Analysis of on-chain activity reveals that many stolen funds are funneling into Bitcoin or on the TRON network. Cybersecurity professionals are monitoring the movements closely. Current data suggests that:

  • Around $1 million in Ethereum is sitting idle in the Inferno/Angel admin wallet while being structured for future laundering efforts.

  • Funds are being laundered in various stages, with notable movement through 1inch Protocol and Tornado Cash.

Responding to user concerns, one commenter said, "This is why we use an ad blocker gentlemen."

The Customer's Activity

The receivers of the stolen funds, identified as the Customer in this scheme, are active in laundering their gains. Recent activity indicates they staked approximately 753 ETH on LIDO. Further movement includes:

  • 110 ETH routed directly through Tornado Cash.

  • 83 ETH traversing through bridging services.

Commenters expressed concern for the victim. "I hope that person is rich enough to forget this as soon as possible. I would go crazy if I had that much and lost," one user remarked.

Key Insights from the Community

The incident has stirred significant reactions among community forums, highlighting the urgency of cybersecurity in the crypto space:

  • πŸ”Ή Recent losses highlight the vulnerable state of whale wallets.

  • πŸ”Ή Users emphasize rigorous checks of contract legitimacy before approvals.

  • πŸ”Ή "This is a tremendous amount of money for sure," reflects a common sentiment of empathy.

"Thank you for the well put together description of the events. Sorry for that person that lost so much," another user added, highlighting community support.

As the Situation Develops

This incident marks a significant escalation in phishing attacks targeting large wallets, reminding all to exercise caution when handling crypto assets. Community members are urged to double-check every transaction link and stay alert to prevent similar scams in the future. Further updates will be posted as the situation evolves.

What Lies Ahead in Crypto Security

As the crypto community absorbs the shock from this $6.28 million theft, experts believe we could see a rise in protective measures among investors, particularly those with sizable wallets. There’s a strong likelihood that discussions around enhancing cybersecurity protocols will start dominating user boards. Many crypto enthusiasts might turn to multi-signature wallets or increase their scrutiny of smart contracts, motivated by the need to protect their assets. Experts estimate around a 70% chance that more comprehensive regulations may emerge as the industry looks to safeguard against such aggressive phishing tactics in the future, especially given the growing trend of high-profile scams.

Echoes from the Past

This incident can be likened to the infamous 2013 Silk Road takedown, which shocked the dark web economy by exposing vulnerabilities in anonymous trading systems. Just as law enforcement cracked down on that platform amidst a wave of fears, today's crypto realm faces similar scrutiny as it navigates the murky waters of digital theft. Much like those seeking anonymity then had to reckon with new regulations and security measures, today's crypto investors might find themselves wrestling with the urgent need to adapt or risk losing everything. One thing is clear: every major breach has the potential to reshape an entire ecosystem and, in this case, is likely to inspire a wave of innovations aimed at preventing a repeat of past mistakes.