A new scam reveals a user's loss of nearly half a million dollars due to a single mistake, highlighting the rise of phishing attacks via 'Permit' technology on the Ethereum network. Experts warn of evolving fraudster tactics exploiting this technical feature to steal digital assets at record speed.
An ordinary digital transaction turned into a financial nightmare for a cryptocurrency user after losing approximately $440,000 in moments, due to a sophisticated fraudulent attack known as the "Permit Scam". The incident, revealed via the specialized website Decrypt, shows a dangerous trend in the evolution of digital space crimes, where a user no longer needs to sign for transferring their assets; signing a "permit" for access is enough, something fraudsters have cleverly exploited.
The "Permit" technology (EIP-2612) fundamentally aims to facilitate transactions and reduce their costs, allowing decentralized applications (dApps) to access user tokens without needing a separate transaction for each operation. Fraudsters exploit this feature by creating fake websites that ask victims to sign such permits, making them believe it's a normal transaction. Once signed, fraudsters gain authorization to withdraw any amount of the permitted token directly from the victim's wallet, without needing any additional approval in the future.
The scale of the loss in this case indicates that fraudsters are no longer targeting only small amounts but are now aiming for major heists. Experts attribute the success of these attacks to the lack of awareness among average users about the difference between signing a fund transfer and signing to grant a permit. Digital security analysts advise users to carefully scrutinize any signature request that appears in their wallets, verify the official website address, and use smart wallets that provide detailed warnings about permit requests.
The $440,000 incident confirms that the cryptocurrency environment, despite its promises of decentralization and personal control, harbors evolving risks that require constant vigilance. As reliance on technologies like permits increases to improve user experience, the battle between developers and fraudsters appears to be entering a new phase, where security and ease of use are at opposite ends. Individual responsibility in checking and reviewing every transaction remains the first and last line of defense for protecting digital assets in this age.
Source: Decrypt | Exclusive coverage from AI Tools Oasis
Bringing you the latest news and analysis in the world of Artificial Intelligence with accuracy and credibility. Follow us for all updates.
OpenAI is advancing its ambitious super app project, aiming to integrate advanced AI capabilities into a single, multifunctional platform. This development is part of the company's strategy to expand services and deliver a unified user experience. Discover the full details and expected impact of this move.
Notion has restored access to its Anthropic AI integration after a 4-hour outage disrupted users relying on Claude-powered features. The incident highlights the growing dependency on AI productivity tools and raises questions about infrastructure stability. All user data remained secure during the disruption.
A new report from TechCrunch AI warns of a potential 'Tokenpocalypse'—a massive collapse of digital tokens due to oversupply. With over 80% of new tokens losing 90% of their value, the market faces a crisis reminiscent of the dot-com bubble. This analysis explores the risks, impacts, and how investors can protect themselves.
