A user loses $11 million to a crypto phishing scam

Continue reading U.TODAY

Google News

According to Scam Sniffer, one victim parted with aEthMKR and Pendle USDe tokens worth over $11 million after signature Allow multiple phishing signatures.

In particular, according to Arkham Intelligence, the victim is a delegate of MakerDAO governance.

As noted by blockchain security firm SlowMist, victims could end up facing significant losses due to signature risks.

Permission, enabled via EIP-2612, helps eliminate the need for prior authorization when interacting with smart contracts.

Notably, the feature allows you to generate authorization signatures without relying on on-chain transactions.

Potential victims can sign permission for a malicious website without transmitting it to the blockchain. Since possession of the signature is sufficient to grant permission, permission carries a significant level of risk, according to SlowMist.

Bad actors can potentially trick their victims into providing signatures by masquerading as a legitimate website.

Determining whether or not a signature is compromised can be difficult due to the fact that transactions occur off-chain. “From what we understand, some wallets decode and display signature information to approve authorization phishing attempts, but there is a lack of sufficient warning regarding authorization signature phishing, which poses greater risks to users,” the company said .

About the author

Alex Dovbnja

Alex Dovbnya (aka AlexMorris) is a cryptocurrency expert, trader and journalist with extensive experience covering everything related to the burgeoning industry, from price analysis to Blockchain disruption. Alex has authored more than 1,000 stories for U.Today, CryptoComes, and other fintech media. He is particularly interested in regulatory trends around the world that are shaping the future of digital assets; he can be contacted at alex.dovbnya@u.today.

Fuente