ChainBleedv0.1 · open intel
← back to feed·PHISHING2023-03-30 · 3y ago
Incident · SLOWMIST

Patricio Worthalter

Phishing Attack
Estimated loss
$3.83M
VERDICT —OUT OF SCOPE
Root cause is phishing — victims signed malicious transactions or approvals off-protocol. Contract logic was not the failure surface; user-side wallet hygiene was. Pre-deployment audit cannot catch this class.
▰ METHOD
PHISHING
PHISHING
Root cause

Root-cause analysis not yet published. The incident description below contains all currently available signal — review the attack transaction directly for definitive forensics.

Forensic narrative

The address of Patricio Worthalter, founder of POAP, was attacked by phishing. The attacker transferred 85,898 RPL (approximately $3.83 million) from Worthalter’s address to DEX, and sold all RPL at a price of 1,802 ETH (approximately $3.25 million). price drop. Attack method (per SlowMist): Phishing Attack. Reported loss: $ 3,830,000.

Primary source
https://twitter.com/lookonchain/status/1641397055171211265
Sourced from
slowmist
Technical record
chain
protocol
Patricio Worthalter
bug_class
phishing
date_occurred
2023-03-30
loss_usd
$3,830,000
source_id
sm:patricio-worthalter::2023-03-30
Related — same bug class· phishing
2026-04-29
1mo ago
Sweat Foundation
Contract Vulnerability
phishing
$3.50M
OUT OF SCOPE
2026-04-28
1mo ago
ETH
Multicall yvETH Approval Abuse (victim 0x9828)
Approval-drainer via multicall aggregator (phishing pattern)
phishing
$980.1K
OUT OF SCOPE
2026-04-27
1mo ago
ETH
Unverified Contract 0x2990A16D
Stale approval drain on unverified contract
phishing
$229.0K
OUT OF SCOPE
2026-04-03
2mo ago
Adobe
Supply Chain Attack
phishing
OUT OF SCOPE
2026-04-02
2mo ago
Trust Wallet
Infrastructure Hijacking
phishing
OUT OF SCOPE
2025-12-04
6mo ago
USPD
"CPIMP" (Clandestine Proxy In the Middle of Proxy) attack
phishing
$1.00M
OUT OF SCOPE
ChainBleed — live web3 threat intelligence