đšPepe Holder Loses $1.4 Million in Uniswap Permit2 Phishing Attackđš
A recent phishing attack has resulted in a PEPE token holder losing approximately $1.39 million after unknowingly signing a malicious Uniswap Permit2 transaction. The victim granted the attacker unrestricted access to their wallet, which was exploited to transfer tokens, including Pepe (PEPE), Microstrategy (MSTR), and Apu (APU), within an hour.
Uniswap's Permit2 feature, introduced to streamline token approvals and reduce gas fees, has increasingly become an attack vector. Scammers typically lure users into signing off-chain transactions through phishing websites, allowing them to perform actions like "Permit" and "Transfer From," draining wallets with a single signature. Many users overlook the need to set limits on token approvals, further increasing vulnerability.
This incident is part of a broader trend, with several high-profile attacks reported recently, including losses of millions in other phishing scams exploiting the Permit2 feature.
