$PEPE Holder Loses $1.4 Million in Uniswap Permit2 Phishing Attack

The victim unknowingly signed an off-chain Permit2 signature, which granted the attacker unrestricted access to their wallet, according to ScamSniffer

Uniswap Permit2 signing, which started as a tool to simplify token approvals, has now become a common attack vector in the DeFi ecosystem.

A PEPE token holder became the latest victim of a phishing scam, losing $1.39 million worth of crypto after unknowingly signing a malicious Uniswap Permit2 transaction.

According to cybersecurity firm ScamSniffer, the stolen assets, including Pepe ($PEPE ), Microstrategy (MSTR), and Apu (APU) tokens, were transferred to a new wallet just an hour after the victim approved the transaction

Source: Decrypt