The joint operation represents the first multinational task force specifically designed to combat crypto-related phishing attacks that have drained billions from DeFi protocols and individual wallets over the past year.
Operation Details
- Scope: Multi-jurisdictional targeting of approval phishing networks
- Partners: US Secret Service, UK National Crime Agency, Royal Canadian Mounted Police
- Timeline: Ongoing operation launched March 16, 2026
- Target: Criminal networks exploiting token approval mechanisms
Approval phishing has emerged as one of the most sophisticated attack vectors in DeFi, where malicious actors trick users into signing token approval transactions that grant unlimited access to their wallets. Unlike traditional phishing, these attacks exploit the programmable nature of smart contracts.
"These criminals are exploiting the technical complexity of DeFi to steal from both retail users and institutional investors," said Secret Service Director Sarah Chen in a statement Monday. "Operation Atlantic represents our commitment to protecting the digital financial ecosystem."
Growing Threat Landscape
Crypto security firm Chainalysis data shows approval phishing attacks resulted in $2.7 billion in losses during 2025, representing a 340% increase from the previous year. The attacks primarily target users of decentralized exchanges and lending protocols.
The operation comes as regulatory clarity around DeFi continues to evolve, with enforcement agencies developing specialized units to address smart contract-based financial crimes.
Typical approval phishing schemes involve creating fake websites that mirror legitimate DeFi protocols, then prompting users to sign malicious approval transactions. Once signed, attackers can drain approved tokens without requiring additional signatures.
Enforcement Coordination
The international coordination reflects the borderless nature of DeFi protocols and the need for cross-jurisdictional cooperation. Many approval phishing operations span multiple countries, making unilateral enforcement efforts less effective.
Operation Atlantic will focus on identifying wallet addresses associated with phishing operations, tracking fund flows across blockchain networks, and coordinating arrests of key operators.
The Secret Service has not disclosed specific targets or timeline for arrests, citing operational security concerns.
Risk Considerations: Users should verify website URLs, review transaction details carefully before signing, and consider using hardware wallets for DeFi interactions.Sources: The Block, US Secret Service. Information as of March 16, 2026.