- A crypto whale lost approximately $35 million worth of fwDETH on the Blast network after falling victim to a phishing attack.
- The attacker withdrew 15,079 fwDETH, driving the token’s price down from $2,000 to $100 at its lowest point.
- The incident raised serious DeFi security concerns and prompted closer scrutiny of the Blast network.
A crypto whale recently lost roughly $35 million in Few Wrapped Duo ETH (fwDETH) on the Blast network after a successful phishing attack. The exploit occurred when the victim unknowingly signed a fraudulent “permit” message that granted the attacker permission to move tokens from the wallet.
Initially reported by Scam Sniffer and later confirmed by security firms PeckShield and BlockSec, the exploit highlights how social engineering and deceptive signature requests remain a major threat in decentralized finance.
What is Few Wrapped Duo ETH (fwDETH)?
Few Wrapped Duo ETH (fwDETH) is a wrapped version of Duo ETH (DETH), a derivative of Ethereum (ETH) issued by Duo, a DeFi protocol operating on the Blast network. Wrapped tokens like fwDETH represent underlying assets in tokenized form and are often used for trading, liquidity provision, and cross-protocol interactions.
The stolen amount — 15,079 fwDETH — represents a significant loss to the whale, whose wallet address was identified as 0xEab2E…a393. The theft and subsequent market activity caused notable price disruption for both DETH and its wrapped counterpart.
How was the phishing attack carried out on Blast?
Security researchers determined the attacker tricked the whale into signing an offline permit message. Permit messages are commonly used in DeFi to authorize token transfers without exposing private keys; however, when users sign malicious or misrepresented permit requests, attackers can use the signed data to transfer tokens from the victim’s account.
According to Yajin (Andy) Zhou, cofounder of BlockSec, the attacker then reused the signed permit to withdraw fwDETH from the victim’s wallet. The attacker immediately began liquidating the stolen tokens, which had rapid market effects.
Within hours of the exploit, DETH’s price plunged by more than 38%, dropping from $3,482 to $2,150 as the attacker sold the stolen holdings. fwDETH suffered an even steeper decline: its price fell over 90% from $2,000 to as low as $100. Although fwDETH later partially recovered to around $1,000, the sudden crash sent shockwaves across the Blast ecosystem and the broader crypto market.
This incident underscores persistent security risks for cryptocurrency holders, particularly large holders who are attractive targets for phishing and social-engineering attacks. It also highlights the importance of scrutinizing permission requests, verifying transaction details before signing, and using hardware wallets or other secure signing methods whenever possible.
As a result of the exploit, the Blast network and associated protocols are likely to face increased scrutiny from security researchers, auditors, and the community. The episode serves as a reminder that protocol-level and user-level protections must work together to reduce risks in DeFi.