According to recent information 1,807 liquid staked Ether from the victim’s wallet address, appear to have been stolen via a permission phishing attempt. It looks like scammers have returned a sizable portion of the $6.91 million in liquid staked Ether that the unfortunate victim lost on May 26.
The co-founder of blockchain analytics company SlowMist, Yu Xian, wrote: “Yesterday, the old phishing group Inferno Drainer used the permit offline authorization signature to phish away nearly US$7 million in ETH re-pledged assets from a user.” The fact that they received a reimbursement today is really unusual.
The victim recovered 1,445 Ether, or 80% of the assets that were stolen, according to Scam Sniffer’s post on X that same day. The scammers allegedly kept a 20% bounty. According to analysts, the wallet address that was compromised had been the victim of a permission phishing assault, in which a malevolent actor creates a legitimate off-chain authorization signature that permits the chosen receiver to transfer ERC-20 tokens from a wallet that they do not own.
SlowMist claims that the attack can be carried out because of a feature that Ethereum permits—introduced by EIP-2612—overlook. By attaching an authorization signature, the EIP allows users to interact with smart contracts without requiring prior authorization. Still, any account can use the permit feature, regardless of ownership.
Therefore, even if users did not authorise of any transactions, scammers could still use the permission attack to syphon tokens from their wallets if they had already compromised their wallet signatures on phishing websites. To fend off these kinds of attacks, SlowMist recommended: “To spot any unusual authorizations, it’s advised to use authorization tools like RevokeCash (https://revoke.cash) on a regular basis.
Verification for Uniswap Permit2 can be done via the permission management tool at https://app.scamsniffer.io/permit2. It is imperative to remove authorizations immediately if they are found to be improper.” But not everyone felt the same way about the victim in this case. “How can someone get phished for $638K last year and $6.9M this year? Some folks simply don’t care about their possessions,” noted well-known DeFi expert ZachXBT.
In March, it was reported that cryptocurrency-related scams are up 53% within the past year. According to the FBI, cryptocurrency-related investment fraud accounted for 86% of all investment losses within the United States in 2023.