😱1,155 WBTC were phished, worth nearly $70 million. This user just encountered a phishing attack with a wallet address with similar first and last digits. The phishing gang really worked hard...
Key points for being attacked:
1. The target address of the user's normal transfer was targeted by the phishing gang, and the phishing gang collided and generated a phishing address with similar first and last digits in advance, such as the first 4 digits and the last 6 digits after removing 0x
2. When the user made a normal transfer, the phishing immediately (about 3 minutes later) followed a transaction: the phishing address transferred 0 ETH to the target user address
3. The user is used to copying the recent transfer information from the wallet history record. When seeing this phishing-followed transaction, he thought the phishing address was the target address of the user's normal transfer, so he copied it
4. Finally, the user may identify the first and last digits of the target address with the naked eye. Unfortunately, the "target address" at this time is the phishing address copied by the user from the wallet history record, with the same first and last digits (first 4 and last 6).