The post Another Crypto Victim Loses $1.57M in Permit Phishing Attack appeared first on Coinpedia Fintech News

There is a new getting daily: permit phishing is getting bigger and a new victim has been caught who lost $1.57 million. Scam Sniffer, a web3 scam detection firm stated that the victim, possibly related to AzukiPH, executed a fake “permit” signature that allowed cybercriminals to hijack the user’s cryptocurrency wallet. 

3 hours ago, another victim lost $1.57M after signing a "permit" phishing signature. pic.twitter.com/wDGZIMdJ7N

— Scam Sniffer | Web3 Anti-Scam (@realScamSniffer) October 15, 2024

The stolen tokens were then converted to Ethereum and then the hackers migrated to Ethereum Mainnet by using Synapse, one of the most commonly used cross-chain networks.

Permit phishing: A Rising Threat

Permit phishing has become a common method for attackers to steal resources from vulnerable targets. In these schemes, specified victims are tricked or coerced into approving what appears to be an innocuous transaction and which actually gives control of tokens to a malicious actor. 

Once authorization is granted, hackers are capable of managing funds anywhere and emptying wallets in as short a time as five minutes. Such phishing attacks are normally invented to take advantage of the general misunderstandings of many interactions in decentralized finance, especially on temporarily spending tokens formed through the CREATE2 operation.

The Case of AzukiPH

Blockchain analytics firm Arkham Intelligence highlighted this case, data shows that the victim’s funds were first converted to ETH before then transferred to Ethereum Mainnet via Synapse. This is phenomenon is becoming the most popular among hackers as they hide the track of the stolen assets from police. 

The link to AzukiPH is provocative, as a platform where the majority of people involved in NFT and DeFi are, making them perfect targets for a phishing attack.

How to Steer Clear of Fraudulent Permits

As more and more sophisticated phishing attacks are launched, crypto holders must be extra careful. Never sign on any permits or transactions without knowing the exact reason why it has to be done. 

As far as dealing with cryptocurrency transactions, always have a second look at each transaction and also be careful with the addresses you are dealing with. The figures have risen at a very fast pace, increasing the need for better security awareness and better wallet interface security.