The post Crypto whale loses $6M to sneaky phishing scheme targeting staked Ethereum appeared on BitcoinEthereumNews.com. A crypto whale lost more than $6 million in staked Ethereum (stETH) and Aave-wrapped Bitcoin (aEthWBTC) after approving malicious signatures in a phishing scheme on Sept. 18, according to blockchain security firm Scam Sniffer. According to the firm, the attackers disguised their move as a routine wallet confirmation through “Permit” signatures, which tricked the victim into authorizing fund transfers without triggering obvious red flags. Yu Xian, founder of blockchain security company SlowMist, noted that the victim did not recognize the danger because the transaction required no gas fees. He wrote: “From the victim’s perspective, he just clicked a few times to confirm the wallet’s pop-up signature requests, didn’t spend a single penny of gas, and $6.28 million was gone.” How Permit exploits work Permit approvals were originally designed to simplify token transfers. Instead of submitting an on-chain approval and paying fees, a user can sign an off-chain message authorizing a spender. That efficiency, however, has created a new attack surface for malicious players. Once a user signs such a permit, attackers can combine two functions—Permit and TransferFrom—to drain assets directly. Because the authorization takes place off-chain, wallet dashboards show no unusual activity until the funds move. As a result, the assets are gone when the approval executes on-chain, and tokens are redirected to the attacker’s wallet. This loophole has made permit exploits increasingly attractive for malicious actors, who can siphon millions without needing complex hacks or high-cost gas wars. Phishing losses The latest theft highlights a wider trend of escalating phishing campaigns. Scam Sniffer reported that in August alone, attackers stole $12.17 million from more than 15,200 victims. That figure represented a 72% jump in losses compared with July. According to the firm, the most significant share of August’s damages came from three large accounts that accounted for nearly half… The post Crypto whale loses $6M to sneaky phishing scheme targeting staked Ethereum appeared on BitcoinEthereumNews.com. A crypto whale lost more than $6 million in staked Ethereum (stETH) and Aave-wrapped Bitcoin (aEthWBTC) after approving malicious signatures in a phishing scheme on Sept. 18, according to blockchain security firm Scam Sniffer. According to the firm, the attackers disguised their move as a routine wallet confirmation through “Permit” signatures, which tricked the victim into authorizing fund transfers without triggering obvious red flags. Yu Xian, founder of blockchain security company SlowMist, noted that the victim did not recognize the danger because the transaction required no gas fees. He wrote: “From the victim’s perspective, he just clicked a few times to confirm the wallet’s pop-up signature requests, didn’t spend a single penny of gas, and $6.28 million was gone.” How Permit exploits work Permit approvals were originally designed to simplify token transfers. Instead of submitting an on-chain approval and paying fees, a user can sign an off-chain message authorizing a spender. That efficiency, however, has created a new attack surface for malicious players. Once a user signs such a permit, attackers can combine two functions—Permit and TransferFrom—to drain assets directly. Because the authorization takes place off-chain, wallet dashboards show no unusual activity until the funds move. As a result, the assets are gone when the approval executes on-chain, and tokens are redirected to the attacker’s wallet. This loophole has made permit exploits increasingly attractive for malicious actors, who can siphon millions without needing complex hacks or high-cost gas wars. Phishing losses The latest theft highlights a wider trend of escalating phishing campaigns. Scam Sniffer reported that in August alone, attackers stole $12.17 million from more than 15,200 victims. That figure represented a 72% jump in losses compared with July. According to the firm, the most significant share of August’s damages came from three large accounts that accounted for nearly half…

Crypto whale loses $6M to sneaky phishing scheme targeting staked Ethereum

By: BitcoinEthereumNews
2025/09/19 02:31
Threshold
T$0.01672-0.23%
Moonveil
MORE$0.08764+1.88%
Movement
MOVE$0.1291+0.85%
TokenFi
TOKEN$0.01375+0.29%
BRC20.COM
COM$0.018397+2.92%

A crypto whale lost more than $6 million in staked Ethereum (stETH) and Aave-wrapped Bitcoin (aEthWBTC) after approving malicious signatures in a phishing scheme on Sept. 18, according to blockchain security firm Scam Sniffer.

According to the firm, the attackers disguised their move as a routine wallet confirmation through “Permit” signatures, which tricked the victim into authorizing fund transfers without triggering obvious red flags.

Yu Xian, founder of blockchain security company SlowMist, noted that the victim did not recognize the danger because the transaction required no gas fees. He wrote:

How Permit exploits work

Permit approvals were originally designed to simplify token transfers. Instead of submitting an on-chain approval and paying fees, a user can sign an off-chain message authorizing a spender.

That efficiency, however, has created a new attack surface for malicious players.

Once a user signs such a permit, attackers can combine two functions—Permit and TransferFrom—to drain assets directly. Because the authorization takes place off-chain, wallet dashboards show no unusual activity until the funds move.

As a result, the assets are gone when the approval executes on-chain, and tokens are redirected to the attacker’s wallet.

This loophole has made permit exploits increasingly attractive for malicious actors, who can siphon millions without needing complex hacks or high-cost gas wars.

Phishing losses

The latest theft highlights a wider trend of escalating phishing campaigns.

Scam Sniffer reported that in August alone, attackers stole $12.17 million from more than 15,200 victims. That figure represented a 72% jump in losses compared with July.

According to the firm, the most significant share of August’s damages came from three large accounts that accounted for nearly half of the total. This included one wallet that lost $3.08 million in a single exploit.

Meanwhile, the firm attributed the surge in losses to a rise in EIP-7702 batch-signature scams and direct transfers to malicious contracts.

Considering this, security experts have urged crypto users to be cautious when interacting with wallet requests and refuse demands that grant unlimited permissions to their wallets.

Mentioned in this article

Source: https://cryptoslate.com/crypto-whale-loses-6m-to-sneaky-phishing-scheme-targeting-staked-ethereum/

Disclaimer: The articles reposted on this site are sourced from public platforms and are provided for informational purposes only. They do not necessarily reflect the views of MEXC. All rights remain with the original authors. If you believe any content infringes on third-party rights, please contact service@support.mexc.com for removal. MEXC makes no guarantees regarding the accuracy, completeness, or timeliness of the content and is not responsible for any actions taken based on the information provided. The content does not constitute financial, legal, or other professional advice, nor should it be considered a recommendation or endorsement by MEXC.
Share Insights

You May Also Like

Crypto News: Donald Trump-Aligned Fed Governor To Speed Up Fed Rate Cuts?

Crypto News: Donald Trump-Aligned Fed Governor To Speed Up Fed Rate Cuts?

The post Crypto News: Donald Trump-Aligned Fed Governor To Speed Up Fed Rate Cuts? appeared on BitcoinEthereumNews.com. In recent crypto news, Stephen Miran swore in as the latest Federal Reserve governor on September 16, 2025, slipping into the board’s last open spot right before the Federal Open Market Committee kicks off its two-day rate discussion. Traders are betting heavily on a 25-basis-point trim, which would bring the federal funds rate down to 4.00%-4.25%, based on CME FedWatch Tool figures from September 15, 2025. Miran, who’s been Trump’s top economic advisor and a supporter of his trade ideas, joins a seven-member board where just three governors come from Democratic picks, according to the Fed’s records updated that same day. Crypto News: Miran’s Background and Quick Path to Confirmation The Senate greenlit Miran on September 15, 2025, with a tight 48-47 vote, following his nomination on September 2, 2025, as per a recent crypto news update. His stint runs only until January 31, 2026, stepping in for Adriana D. Kugler, who stepped down in August 2025 for reasons not made public. Miran earned his economics Ph.D. from Harvard and worked at the Treasury back in Trump’s first go-around. Afterward, he moved to Hudson Bay Capital Management as an economist, then looped back to the White House in December 2024 to head the Council of Economic Advisers. There, he helped craft Trump’s “reciprocal tariffs” approach, aimed at fixing trade gaps with China and the EU. He wouldn’t quit his White House gig, which irked Senator Elizabeth Warren at the September 7, 2025, confirmation hearings. That limited time frame means Miran gets to cast a vote straight away at the FOMC session starting September 16, 2025. The full board now features Chair Jerome H. Powell (Trump pick, term ends 2026), Vice Chair Philip N. Jefferson (Biden, to 2036), and folks like Lisa D. Cook (Biden, to 2028) and Michael S. Barr…
DAR Open Network
D$0.03499+0.22%
Humanity
H$0.05662+6.01%
Threshold
T$0.01672-0.11%
Share
BitcoinEthereumNews2025/09/18 03:14
Share
CME Group to launch options on XRP and SOL futures

CME Group to launch options on XRP and SOL futures

The post CME Group to launch options on XRP and SOL futures appeared on BitcoinEthereumNews.com. CME Group will offer options based on the derivative markets on Solana (SOL) and XRP. The new markets will open on October 13, after regulatory approval.  CME Group will expand its crypto products with options on the futures markets of Solana (SOL) and XRP. The futures market will start on October 13, after regulatory review and approval.  The options will allow the trading of MicroSol, XRP, and MicroXRP futures, with expiry dates available every business day, monthly, and quarterly. The new products will be added to the existing BTC and ETH options markets. ‘The launch of these options contracts builds on the significant growth and increasing liquidity we have seen across our suite of Solana and XRP futures,’ said Giovanni Vicioso, CME Group Global Head of Cryptocurrency Products. The options contracts will have two main sizes, tracking the futures contracts. The new market will be suitable for sophisticated institutional traders, as well as active individual traders. The addition of options markets singles out XRP and SOL as liquid enough to offer the potential to bet on a market direction.  The options on futures arrive a few months after the launch of SOL futures. Both SOL and XRP had peak volumes in August, though XRP activity has slowed down in September. XRP and SOL options to tap both institutions and active traders Crypto options are one of the indicators of market attitudes, with XRP and SOL receiving a new way to gauge sentiment. The contracts will be supported by the Cumberland team.  ‘As one of the biggest liquidity providers in the ecosystem, the Cumberland team is excited to support CME Group’s continued expansion of crypto offerings,’ said Roman Makarov, Head of Cumberland Options Trading at DRW. ‘The launch of options on Solana and XRP futures is the latest example of the…
Solana
SOL$240.14+0.75%
Bitcoin
BTC$116,023.09+0.10%
TAP Protocol
TAP$0.384+0.26%
Share
BitcoinEthereumNews2025/09/18 00:56
Share
Unleashing A New Era Of Seller Empowerment

Unleashing A New Era Of Seller Empowerment

The post Unleashing A New Era Of Seller Empowerment appeared on BitcoinEthereumNews.com. Amazon AI Agent: Unleashing A New Era Of Seller Empowerment Skip to content Home AI News Amazon AI Agent: Unleashing a New Era of Seller Empowerment Source: https://bitcoinworld.co.in/amazon-ai-seller-tools/
BRC20.COM
COM$0.018384+1.74%
Sleepless AI
AI$0.1438+1.41%
ERA
ERA$0.7308+1.31%
Share
BitcoinEthereumNews2025/09/18 00:10
Share

Trending News

More

Crypto News: Donald Trump-Aligned Fed Governor To Speed Up Fed Rate Cuts?

CME Group to launch options on XRP and SOL futures

Unleashing A New Era Of Seller Empowerment

PayPal P2P, Google AI Payments, Miner Pivot — Crypto Biz

Ripple Celebrates 13-Year Milestone with Uphold’s Spotlight on XRP and RLUSD