Root-cause analysis not yet published. The incident description below contains all currently available signal — review the attack transaction directly for definitive forensics.
The SlowMist security team found that funds from about 52 addresses were maliciously transferred to terra1fz57nt6t3nnxel6q77wsmxxdesn7rgy0h27x30 from April 12 to April 21, with a total loss of about $4.31 million. The SlowMist security team stated that this attack was a phishing attack on batches of Google keyword advertisements. When a user searches for the well-known Terra project on Google, the first advertisement link (the domain name may be the same) on the Google search result page is actually a phishing website. When a user visits this phishing website and connects to the wallet, the phishing website will remind you to directly enter the mnemonic phrase. Once the user enters and clicks submit, the assets will be stolen by the attacker. Attack method (per SlowMist): Phishing Attack. Reported loss: $ 4,310,000.
- chain
- —
- protocol
- Terra
- bug_class
- private-key
- date_occurred
- 2022-04-21
- loss_usd
- $4,310,000
- source_id
- sm:terra::2022-04-21