According to Odaily Planet Daily, SlowMist Yuxian posted on the X platform that there are several key information to note about a user's WETH phishing incident on Blast:

1. WETH on Blast is Blast's wrapped ETH token issued by Blast. The contract is upgradeable and supports permit offline authorization signature.

2. The WETH code on the Ethereum mainnet is very concise and reliable. The amount of ETH stored in the contract is equal to the amount of WETH issued, and there is no permit function.

3. Users were phished because Inferno Drainer supported Blast WETH permit offline authorization signature. The phishing gang studied the details to determine their profits.

According to previous news, on September 18, a user lost 150 WETH (worth about US$349,200) because he signed a "permit" phishing signature.