A MakerDAO governance delegate recently suffered a significant loss of $11 million worth of Aave Ethereum Maker (aEthMKR) and Pendle USDe tokens in a phishing scam. The incident was detected by Scam Sniffer in the early hours of June 23. The user fell victim to the scam after unknowingly signing multiple signatures, resulting in the loss of their digital assets.
According to Wu Blockchain, the victim in this case was a MakerDAO governance delegate, highlighting the exploitation of a key player within the MakerDAO system. Delegates play a crucial role in the decision-making processes of MakerDAO. They are responsible for voting on governance proposals, polls, and executive votes, which ultimately influence significant decisions within the Maker protocol.
Typically, proposals within the MakerDAO system progress from initial polls to final executive votes, with MKR tokenholders and delegates voting to determine their approval. Once a proposal is approved, it undergoes a waiting period known as the Governance Security Module (GSM) before being implemented into the Maker protocol. This waiting period serves as a security measure to prevent sudden changes to the protocol.
Phishing scams have been on the rise in the crypto space. In December 2023, Cointelegraph reported an increase in the use of “approval phishing” methods by crypto scammers to steal funds. Approval phishing involves tricking victims into signing transactions that grant scammers access to their wallets, allowing them to drain funds. While this technique is not new, it is now being utilized more frequently by scammers.
Phishing scams are a common form of cybercrime where perpetrators pose as reputable entities to deceive individuals into providing sensitive information. In this particular case, the user was tricked into signing multiple permit network phishing signatures, resulting in the loss of their tokens.
According to a report by Scam Sniffer published earlier in 2024, phishing scams drained a total of $300 million from 320,000 users in 2023 alone. The report highlighted severe cases where victims lost large sums of money due to phishing signatures such as permit, permit 2, approve, and increase allowance.
It is important for individuals to remain vigilant and exercise caution when interacting with digital assets to protect themselves from falling victim to such scams.