Florence Finance, a real-world asset lending project, suffered a significant loss due to a sophisticated phishing attack, resulting in the theft of $1.45 million in USDC, a stablecoin. This incident highlights the growing concerns over security in the digital finance sector. The attack employed a method known as address poisoning, a common phishing technique in the crypto realm.
Address poisoning involves creating a wallet address that closely resembles a legitimate one, relying on human error and the difficulty in distinguishing between similar-looking wallet addresses. The Florence Finance attack unfolded in three stages: the victim’s initial transaction to a legitimate address, the scammers sending fake tokens from a similar address, and the victim mistakenly using the scammer’s address for real transactions.
The stolen funds were then transferred to multiple wallets, including one identified as 0xB087, before being bridged to THORChain and converted to Ethereum (ETH). This event underscores the need for heightened security measures in the digital finance sector. Cyvers, a Web3 security platform, is now working with Florence Finance to enhance their security protocols to prevent similar incidents in the future.
Disclaimer: Please note that the information provided in this article is based on the referenced research articles. It is essential to conduct further research and analysis before making any investment decisions. The cryptocurrency market is highly volatile, and investors should exercise caution and consult with financial professionals before engaging in cryptocurrency trading or investment activities.
