User loses $11 million in cryptocurrency scam

According to a report by Scam Sniffer, the victim was a representative in MakerDAO management, which adds another dimension to this huge loss. Arkham Intelligence confirmed the news, noting the complex nature of the fraud to which the victim was exposed.

For its part, SlowMist, a company specializing in blockchain security, explained that this huge loss is due to the risks associated with phishing signatures.

One of the main factors that facilitated this attack is the permit authorization defined by EIP-2612, which allows a token approval to be granted by signature, without the need for a prior on-chain approval transaction, when interacting with smart contracts.

This feature, despite its benefits, allows the creation of authorization signatures without the need for network transactions, which can open up significant security risks.

As a result, a user can sign a permission for a malicious website without that permission being broadcast to the blockchain.

Since simply having a signature grants the necessary authorization, this carries a high level of risk, as SlowMist explained.

Malicious actors can exploit this by impersonating legitimate websites to trick victims into signing, and compromised signatures are extremely difficult to detect because the signatures themselves are not broadcast over the network.
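The following is an added example, not taken from the Scam Sniffer, Arkham Intelligence or SlowMist reports: a check that a wallet or signing proxy could run on a typed-data signing request to recognize an EIP-2612 permit and show the user what the signature would authorize. The function names, warning labels, one-hour threshold and all addresses are assumptions made for illustration.

```javascript
// Added example. Addresses and thresholds are constructed sample values.
const MAX_UINT256 = (1n << 256n) - 1n;
const MAX_LIFETIME_SECONDS = 3600n; // assumption: permits valid for over 1 hour are flagged
// Permit struct members in the order EIP-2612 defines them.
const PERMIT_FIELDS = ["owner", "spender", "value", "nonce", "deadline"];

function isEip2612Permit(typedData) {
  const def = typedData.types && typedData.types.Permit;
  return typedData.primaryType === "Permit" && Array.isArray(def) &&
    def.length === PERMIT_FIELDS.length &&
    PERMIT_FIELDS.every((name, i) => def[i].name === name);
}

// Returns what the signature would authorize plus warnings to show the user.
function reviewSigningRequest(typedData, trustedSpenders, nowSeconds) {
  if (!isEip2612Permit(typedData)) return { isPermit: false, warnings: [] };
  const { spender, value, deadline } = typedData.message;
  const trusted = trustedSpenders.map((a) => a.toLowerCase());
  // Signing produces no on-chain transaction, so always tell the user it is an approval.
  const warnings = ["OFFCHAIN_APPROVAL"];
  if (!trusted.includes(String(spender).toLowerCase())) warnings.push("UNKNOWN_SPENDER");
  if (BigInt(value) === MAX_UINT256) warnings.push("UNLIMITED_ALLOWANCE");
  if (BigInt(deadline) - BigInt(nowSeconds) > MAX_LIFETIME_SECONDS) warnings.push("LONG_LIVED");
  return { isPermit: true, token: typedData.domain.verifyingContract,
           spender, value: BigInt(value), warnings };
}

// Constructed sample request, shaped like an eth_signTypedData_v4 payload.
const samplePermit = {
  primaryType: "Permit",
  domain: { name: "SampleToken", version: "1", chainId: 1,
            verifyingContract: "0x" + "11".repeat(20) },
  types: { Permit: PERMIT_FIELDS.map((name) => ({
    name, type: name === "owner" || name === "spender" ? "address" : "uint256" })) },
  message: { owner: "0x" + "22".repeat(20), spender: "0x" + "33".repeat(20),
             value: MAX_UINT256.toString(), nonce: "0",
             deadline: String(1700000000 + 30 * 24 * 3600) },
};

const sampleReview = reviewSigningRequest(samplePermit, ["0x" + "44".repeat(20)], 1700000000);
console.log(sampleReview.warnings.join(", "));
```

The check only recognizes the struct layout that EIP-2612 defines; tokens that use a different permit layout would need their own matcher.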