Over 2,000 Australian crypto wallets have been compromised in a series of sophisticated phishing attacks.
As reported by the Australian Financial Review, this breach is part of a broader investigation known as Operation Spincaster. This international initiative involves law enforcement agencies from six countries—the United States, United Kingdom, Canada, Spain, the Netherlands, and Australia. The scale of the operation is significant, generating over 7,000 leads and uncovering approximately $162 million in losses.
The Australian Federal Police (AFP) played a crucial role in these investigations, working alongside the Joint Policing Cybercrime Co-ordination Centre (JPC3). Detective Superintendent Tim Stainton of the AFP emphasized the significance of Operation Spincaster, stating that it has provided valuable insights into the tactics employed by cybercriminals.
Phishing scams, which involve impersonating legitimate entities to steal victims’ wallets by tricking users into authorizing transfers from their wallets. This remain a major threat in the crypto space. According to Scam Sniffer, over 260,000 individuals lost $314 million to phishing scams in the first half of this year alone.
Scam Sniffer‘s report reveals that twenty victims suffered significant losses, each losing over $1 million, with the collective loss amounting to $58 million.
One victim, identified by the address 0xfb94d3404c1d3d9d6f08f79e58041d5ea95, lost a staggering $11 million, making them the second-largest theft victim in history.
Many of the top 20 victims fell prey to phishing attacks that exploited signature requests for functions like Permit, IncreaseAllowance, and Uniswap Permit2. These attacks often targeted high-value assets, including staked tokens, restaking positions, Aave collateral, and Pendle tokens.