On October 13, a PEPE holder lost $1.39 million worth of cryptocurrency including PEPE, MSTR, and APU after signing the “permit2” phishing signature.
🚨 25 mins ago, a PEPE holder lost $1.39M worth of PEPE, MSTR, and APU after signing a “permit2” phishing signature.💸 pic.twitter.com/Wf4nd8eFxl
— Scam Sniffer | Web3 Anti-Scam (@realScamSniffer) October 13, 2024
Web3 Anti-Scam platform, Scam Sniffer shared the affected address and the address of the scammer, “victim: 0xb0b866410a22501c0e6c2b2eb6a91b3322e440c7. scammer: 0x22408b5ba24368736ddbacd48a0c3b1a7c9a0930.”
Scam Sniffer added that Uniswap introduced Permit2, using which phishing signatures can get approval for multiple tokens at the same time. Once the victim’s signature is obtained, they can transfer multiple assets. As observed in this particular draining incident, wallet drainers are misusing Create2 to bypass security alerts in some wallets by generating new addresses for each malicious signature. After the victim signs the signature, the Drainer creates a contract at that address and transfers the user’s assets.
Advertisement
Last year, using a create2 another drainer had stolen nearly $60 million from around 99,000 victims in the past six months. In a similar instance, in November 2023, a group had employed the same technique in Address Poisoning since August 2023 to continuously steal nearly $3 Million in assets from 11 victims, with one victim losing up to $1.6 Million.
Crypto scams have been on constant rise, recently, Korean NFT artist DeeKay Kwon shared that his crypto wallet was stolen and all his life savings were lost in a similar instance. The US FBI recently stated that losses from cryptocurrency-related frauds and scams increased 45% in 2023 from 2022, totaling more than $5.6 billion.
Advertisement
Also Read: Ripple’s CTO Warns About Sophisticated Crypto Scams