In a sophisticated phishing scam, a hacker has managed to siphon off more than $50,000 from users of the Stargate Finance platform. The fraudulent activity involved the creation of a fake voting proposal on Stargate Snapshot, luring over 1,000 unsuspecting users into a trap that cost them dearly.
The mechanism of the scam
The scam unfolded on the Stargate Governance platform, where the scammer, after purchasing and staking 50,000 STG tokens — the native currency of Stargate Finance — gained the ability to create a voting proposal. This proposal deceitfully suggested the launch and distribution of a new token, gSTG. To add a veneer of legitimacy, the hacker invited users to check their eligibility for reward distribution by following a link. However, this link led to a phishing website, a classic online trap designed to steal personal and financial information.
The LayerZero Discord community was the first to spot this fraudulent activity. A moderator there raised the alarm, warning users about the perilous link embedded in the proposal. Despite this, over a thousand participants had already fallen prey to the scam, leading to significant financial loss.
The extent of the losses
Data provided by DeBank, a platform tracking blockchain activities, reveals the extent of the theft across various blockchain networks. The hacker managed to steal assets worth $30,146 on the Arbitrum chain, $14,135 on Optimism, and $7,626 on Ethereum, among others. The total sum lost in this scam has exceeded $50,000.
This incident showcases the rising risks associated with DeFi platforms, where the decentralized nature, though beneficial in many ways, also opens up avenues for such fraudulent activities. However, the need for heightened vigilance among users and the importance of verifying the authenticity of proposals and links, especially in governance-related processes, can never be over-emphasized.
Overall, users of platforms like Stargate Finance are advised to stay informed and exercise caution, particularly in dealings that involve significant financial decisions. The incident also calls for a stronger collective response from the community and platform developers to enhance security measures and educate users, thereby safeguarding the integrity and trust in the DeFi ecosystem.