published:
June 23, 2024 at 07:02 PM
GST
- A user lost $11 million in a phishing attack due to signing multiple fraudulent Permit signatures.
- Permit signatures, enabled through EIP-2612, allow off-chain transaction authorization, posing significant security risks.
- Security firms highlight the need for caution with Permit signatures and recommend using security extensions for protection.
In a recent incident, a user suffered a significant financial loss due to a phishing attack. The user lost $11 million worth of aEthMKR and Pendle USDe tokens after signing multiple Permit phishing signatures. This event shows the growing risks associated with digital asset security.The victim, who is a MakerDAO governance delegate, fell prey to the attack by unknowingly signing fraudulent Permit signatures.
Read CRYPTONEWSLAND on
google news
Permit Signature Risks
The incident highlights the vulnerabilities associated with Permit signatures, a feature enabled through EIP-2612. This feature allows users to authorize transactions without prior on-chain approval, which can be exploited by malicious actors. The risk is heightened because the signature authorization happens off-chain, making it challenging to detect compromised signatures.
Analysis by Security Firms
Arkham Intelligence and blockchain security firm SlowMist have both analyzed the incident. According to SlowMist, Permit signatures pose significant risks as they can be easily exploited by bad actors. SlowMist noted that some wallets decode and display signature information to help users identify phishing attempts. However, there is often insufficient warning about the risks of Permit signature phishing.
Preventative Measures
Users are advised to exercise caution when interacting with smart contracts and signing off-chain signatures. Installing security extensions, such as those recommended by Scam Sniffer, can enhance protection against phishing attacks. Additionally, users should verify the legitimacy of websites and smart contracts before signing any Permit signatures.
This incident is a reminder of the importance of security in the digital asset space. As the use of smart contracts and digital tokens continues to grow, users must remain vigilant and take necessary precautions to protect their assets from phishing attacks and other forms of cyber threats.
Read also
- SEO Powered Content & PR Distribution. Get Amplified Today.
- PlatoData.Network Vertical Generative Ai. Empower Yourself. Access Here.
- PlatoAiStream. Web3 Intelligence. Knowledge Amplified. Access Here.
- PlatoESG. Carbon, CleanTech, Energy, Environment, Solar, Waste Management. Access Here.
- PlatoHealth. Biotech and Clinical Trials Intelligence. Access Here.
- Source: https://cryptonewsland.com/11m-lost-in-permit-signature-scam-security-experts-urge-caution-with-off-chain-transactions/
- :is
- 07
- 08
- 1
- 150
- 2024
- 22
- 23
- 26%
- 36
- 394
- 54
- 7
- a
- About
- According
- actors
- Additionally
- advised
- After
- against
- ago
- allow
- allows
- analyzed
- and
- Anti-scam
- any
- approval
- ARE
- AS
- asset
- Assets
- associated
- At
- attack
- Attacks
- Attempts
- authorization
- authorize
- avatar
- Bad
- BE
- because
- before
- blockchain
- Blockchain security
- both
- button
- by
- CAN
- caution
- challenging
- Collapse
- Compromised
- continues
- contracts
- cyber
- Date
- detect
- digital
- Digital Asset
- digital tokens
- disclaimer
- Display
- due
- easily
- enabled
- enhance
- Event
- Exercise
- experts
- exploited
- extensions
- false
- Feature
- Firm
- firms
- For
- forms
- fraudulent
- from
- gif
- google news
- governance
- Grow
- Growing
- happens
- Have
- heightened
- help
- High
- Highlight
- highlights
- HOURS
- However
- HTTPS
- icons
- identify
- importance
- in
- incident
- information
- installing
- Intelligence
- IT
- jpg
- june
- legitimacy
- loss
- lost
- Making
- malicious
- Manipulation
- max-width
- million
- more
- multiple
- must
- necessary
- Need
- news
- noted
- of
- often
- On-Chain
- Other
- phishing
- phishing attack
- phishing attacks
- photo
- PHP
- plato
- Plato Data Intelligence
- PlatoData
- pm
- pose
- posing
- prey
- price
- Prior
- protect
- protection
- protocol
- Read
- recent
- recommend
- recommended
- remain
- reminder
- Risk
- risks
- Scam
- security
- security risks
- should
- Shows
- signature
- Signatures
- significant
- signing
- SlowMist
- smart
- Smart Contracts
- some
- Space
- such
- suffered
- Suffers
- SVG
- Take
- that
- The
- their
- There.
- they
- this
- those
- threats
- Through
- to
- Tokens
- transaction
- Transactions
- true
- use
- User
- users
- using
- verify
- Victim
- Wallets
- warning
- Web3
- websites
- when
- which
- WHO
- with
- without
- worth
- zephyrnet
