Hackers are targeting Ethereum re-staking projects, exploiting vulnerabilities that allow them to steal ETH derivatives with just one signature, according to recent analysis.
On September 28, BlockBeats reported that 0xAA, founder of WTF Academy, highlighted a major security flaw in Ethereum re-staking projects that puts assets at significant risk. According to 0xAA’s data collected since March, nearly 70% of phishing incidents are linked to re-staking ETH. He pointed out that when users convert ETH into derivatives like xxxETH, hackers can exploit the process, requiring only a single signature to steal these assets.
Earlier today, BlockBeats reported that a whale address fell victim to such a phishing attack, resulting in the loss of over 12,000 spWETH, valued at approximately $32.43 million. This incident underscores the urgent need for heightened security measures in re-staking protocols, as the simplicity of the attack makes it an attractive target for cybercriminals.
The analysis serves as a wake-up call for the Ethereum community, emphasizing the importance of secure signature practices and vigilant asset management to protect against such vulnerabilities.