Main navigation

User Loses $11 Million to Crypto Phishing Scam

Advertisement
Sun, 23/06/2024 - 11:56
User Loses $11 Million to Crypto Phishing Scam
Cover image via www.freepik.com
Read U.TODAY on
Google News

According to Scam Sniffer, a victim parted ways with more than $11 million worth of aEthMKR and Pendle USDe tokens after signing multiple Permit phishing signatures.

Notably, the victim is a MakerDAO governance delegate, according to Arkham Intelligence.

As noted by blockchain security firm SlowMist, victims might end up facing significant losses due to signature risks.

Permit, which was enabled through EIP-2612, makes it possible to remove the need for prior authorization when interacting with smart contracts.

Advertisement

Notably, the feature makes it possible to generate authorization signatures without relying on on-chain transactions.

Potential victims can sign the permit for a malicious website without broadcasting it to the blockchain. Since the possession of the signature is sufficient for granting authorization, the permit carries a significant level of risk, according to SlowMist.

Bad actors can potentially deceive their victims into providing the signatures by masquerading as a legitimate website.

Determining whether a signature is compromised or not can be difficult due to the fact that transactions take place off-chain. "From our understanding, some wallets decode and display signature information to approve authorization phishing attempts, but there is a lack of sufficient warning regarding permit signature phishing, posing higher risks to users," the firm said.

Related articles

Advertisement
TopCryptoNewsinYourMailbox
TopCryptoNewsinYourMailbox
Advertisement
Advertisement

Recommended articles

Latest Press Releases

Our social media
There's a lot to see there, too

Popular articles

Advertisement
AD