A cryptocurrency holder has lost more than $6 million in staked Ethereum (stETH) and Aave-wrapped Bitcoin (aEthWBTC) after approving malicious signature requests in a phishing attack on September 18, according to blockchain security firm Scam Sniffer.
According to the firm, the attackers disguised the malicious approval as a routine wallet confirmation by using "permit" signatures, which led the victim to authorize the transfer of funds without triggering obvious red flags.
Yu Xian, founder of blockchain security firm SlowMist, noted that the victim had not recognized the danger because the transaction required no gas fee. He wrote:
"From the victim's point of view, he simply clicked several times to confirm the wallet's pop-up signature requests, did not spend a single penny on gas, and $6.28 million had disappeared."
How permit exploits work
Permit approvals were originally designed to simplify token transfers. Instead of submitting an on-chain approval transaction and paying its fee, a user signs an off-chain message (standardized for ERC-20 tokens in EIP-2612) that authorizes a spender to move a given amount of tokens.
This efficiency, however, has created a new attack surface for malicious actors.
Once a user signs such a permit, attackers can chain two functions, permit and transferFrom, to drain the assets directly. Because the authorization happens off-chain, wallet dashboards show no unusual activity until the funds move.
As a result, the assets disappear the moment the attacker submits the signed approval on-chain, and the tokens are redirected to the attacker's wallet.
This gap has made permit exploits increasingly attractive to malicious actors, who can siphon millions without complex hacks or costly gas wars.
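As an added illustration (not part of the original article, and not code from Scam Sniffer or SlowMist), the JavaScript below inspects the EIP-712 typed-data payload that a wallet displays when a dApp calls eth_signTypedData_v4 for an ERC-20 permit (EIP-2612), and flags the three properties that make such a gasless signature dangerous: an unlimited value, a spender the user has not chosen to trust, and a deadline far in the future. The sample payload, every address, the allow-list and the one-year deadline threshold are constructed placeholders chosen for this example.

```javascript
// Added example, not from the article: review the EIP-712 typed-data payload
// that a wallet shows for an ERC-20 "permit" (EIP-2612) before signing it.
// All addresses, the token name and the allow-list are constructed placeholders.

const MAX_UINT256 = (1n << 256n) - 1n;
const ONE_YEAR_SECONDS = 365n * 24n * 3600n;

// Constructed sample of what a dApp passes to eth_signTypedData_v4. This is the
// shape of a malicious permit: unlimited value, unknown spender, deadline decades
// away. Producing the signature costs the victim no gas at all.
const SAMPLE_PERMIT_REQUEST = {
  types: {
    EIP712Domain: [
      { name: "name", type: "string" },
      { name: "version", type: "string" },
      { name: "chainId", type: "uint256" },
      { name: "verifyingContract", type: "address" },
    ],
    Permit: [
      { name: "owner", type: "address" },
      { name: "spender", type: "address" },
      { name: "value", type: "uint256" },
      { name: "nonce", type: "uint256" },
      { name: "deadline", type: "uint256" },
    ],
  },
  primaryType: "Permit",
  domain: {
    name: "Example Token", // placeholder token name
    version: "1",
    chainId: 1,
    verifyingContract: "0x1111111111111111111111111111111111111111", // placeholder token
  },
  message: {
    owner: "0x2222222222222222222222222222222222222222", // placeholder: victim
    spender: "0x3333333333333333333333333333333333333333", // placeholder: attacker
    value: MAX_UINT256.toString(),
    nonce: "0",
    deadline: "99999999999",
  },
};

// Returns { isPermit, findings, severity }. `knownSpenders` is the user's own
// allow-list of contracts they actually intend to authorize (a DEX router, a
// lending pool); `nowSeconds` makes the deadline check deterministic.
function reviewPermitRequest(typedData, opts = {}) {
  const knownSpenders = new Set((opts.knownSpenders || []).map((a) => a.toLowerCase()));
  const now = BigInt(opts.nowSeconds ?? Math.floor(Date.now() / 1000));
  const findings = [];

  // Only EIP-2612 permits are inspected here; other typed data passes through.
  if (typedData.primaryType !== "Permit" || !typedData.message) {
    return { isPermit: false, findings, severity: "n/a" };
  }
  const msg = typedData.message;
  const value = BigInt(msg.value);
  const deadline = BigInt(msg.deadline);

  // 1. Unlimited allowance: the spender may move every token the owner holds.
  if (value === MAX_UINT256) {
    findings.push("unlimited allowance (value == 2^256 - 1)");
  }
  // 2. Unknown spender: a permit is only as trustworthy as the contract receiving it.
  if (!knownSpenders.has(String(msg.spender).toLowerCase())) {
    findings.push(`spender ${msg.spender} is not on the allow-list`);
  }
  // 3. Far-future deadline: the attacker can redeem the signature whenever convenient.
  if (deadline > now + ONE_YEAR_SECONDS) {
    findings.push("deadline more than a year away");
  }
  // 4. Owner mismatch: the dApp is asking you to sign for an account that is not yours.
  if (opts.expectedOwner && String(msg.owner).toLowerCase() !== opts.expectedOwner.toLowerCase()) {
    findings.push("owner field does not match the connected account");
  }

  const severity = findings.length >= 2 ? "high" : findings.length === 1 ? "medium" : "low";
  return { isPermit: true, findings, severity };
}

// A benign permit for comparison: bounded value, allow-listed spender, short deadline.
function benignPermit(nowSeconds) {
  return {
    ...SAMPLE_PERMIT_REQUEST,
    message: {
      ...SAMPLE_PERMIT_REQUEST.message,
      spender: "0x4444444444444444444444444444444444444444", // placeholder: known router
      value: "1000000000000000000", // one token with 18 decimals
      deadline: String(nowSeconds + 600),
    },
  };
}

// Stand-alone usage: the malicious sample versus the benign one.
const nowSeconds = Math.floor(Date.now() / 1000);
console.log(reviewPermitRequest(SAMPLE_PERMIT_REQUEST, { nowSeconds }));
console.log(reviewPermitRequest(benignPermit(nowSeconds), {
  nowSeconds,
  knownSpenders: ["0x4444444444444444444444444444444444444444"],
}));
```

The point of the check is that everything the attacker relies on is visible in the signature request itself: the value field, the spender field and the deadline are exactly what the wallet pop-up asks the user to approve. A bounded value, a spender the user recognizes and a deadline of a few minutes are the properties a legitimate permit has; a request missing any of them deserves a rejection rather than a click.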
Phishing losses
The latest theft highlights a broader trend of escalating phishing campaigns.
Scam Sniffer said that in August alone, attackers stole $12.17 million from more than 15,200 victims, a 72% jump in losses compared with July.
According to the firm, the largest share of August's damage came from three major incidents, which together accounted for almost half of the total. These included a wallet that lost $3.08 million in a single exploit.
The company attributed the sharp increase in losses to a rise in scams using EIP-7702 batch transactions and direct transfers to malicious contracts.
Given this, security experts have urged crypto users to scrutinize wallet signature requests and to refuse any that grant unlimited allowances over their assets.