The post Crypto whale loses $6M to sneaky phishing scheme targeting staked Ethereum appeared on BitcoinEthereumNews.com. A crypto whale lost more than $6 million in staked Ethereum (stETH) and Aave-wrapped Bitcoin (aEthWBTC) after approving malicious signatures in a phishing scheme on Sept. 18, according to blockchain security firm Scam Sniffer. According to the firm, the attackers disguised their move as a routine wallet confirmation through “Permit” signatures, which tricked the victim into authorizing fund transfers without triggering obvious red flags. Yu Xian, founder of blockchain security company SlowMist, noted that the victim did not recognize the danger because the transaction required no gas fees. He wrote: “From the victim’s perspective, he just clicked a few times to confirm the wallet’s pop-up signature requests, didn’t spend a single penny of gas, and $6.28 million was gone.” How Permit exploits work Permit approvals were originally designed to simplify token transfers. Instead of submitting an on-chain approval and paying fees, a user can sign an off-chain message authorizing a spender. That efficiency, however, has created a new attack surface for malicious players. Once a user signs such a permit, attackers can combine two functions—Permit and TransferFrom—to drain assets directly. Because the authorization takes place off-chain, wallet dashboards show no unusual activity until the funds move. As a result, the assets are gone when the approval executes on-chain, and tokens are redirected to the attacker’s wallet. This loophole has made permit exploits increasingly attractive for malicious actors, who can siphon millions without needing complex hacks or high-cost gas wars. Phishing losses The latest theft highlights a wider trend of escalating phishing campaigns. Scam Sniffer reported that in August alone, attackers stole $12.17 million from more than 15,200 victims. That figure represented a 72% jump in losses compared with July. According to the firm, the most significant share of August’s damages came from three large accounts that accounted for nearly half… The post Crypto whale loses $6M to sneaky phishing scheme targeting staked Ethereum appeared on BitcoinEthereumNews.com. A crypto whale lost more than $6 million in staked Ethereum (stETH) and Aave-wrapped Bitcoin (aEthWBTC) after approving malicious signatures in a phishing scheme on Sept. 18, according to blockchain security firm Scam Sniffer. According to the firm, the attackers disguised their move as a routine wallet confirmation through “Permit” signatures, which tricked the victim into authorizing fund transfers without triggering obvious red flags. Yu Xian, founder of blockchain security company SlowMist, noted that the victim did not recognize the danger because the transaction required no gas fees. He wrote: “From the victim’s perspective, he just clicked a few times to confirm the wallet’s pop-up signature requests, didn’t spend a single penny of gas, and $6.28 million was gone.” How Permit exploits work Permit approvals were originally designed to simplify token transfers. Instead of submitting an on-chain approval and paying fees, a user can sign an off-chain message authorizing a spender. That efficiency, however, has created a new attack surface for malicious players. Once a user signs such a permit, attackers can combine two functions—Permit and TransferFrom—to drain assets directly. Because the authorization takes place off-chain, wallet dashboards show no unusual activity until the funds move. As a result, the assets are gone when the approval executes on-chain, and tokens are redirected to the attacker’s wallet. This loophole has made permit exploits increasingly attractive for malicious actors, who can siphon millions without needing complex hacks or high-cost gas wars. Phishing losses The latest theft highlights a wider trend of escalating phishing campaigns. Scam Sniffer reported that in August alone, attackers stole $12.17 million from more than 15,200 victims. That figure represented a 72% jump in losses compared with July. According to the firm, the most significant share of August’s damages came from three large accounts that accounted for nearly half…

Crypto whale loses $6M to sneaky phishing scheme targeting staked Ethereum

By: BitcoinEthereumNews
2025/09/19 02:31
Threshold
T$0.0167-0.29%
Moonveil
MORE$0.08756+1.49%
Movement
MOVE$0.1291+0.78%
TokenFi
TOKEN$0.01371-0.21%
BRC20.COM
COM$0.017957+0.53%

A crypto whale lost more than $6 million in staked Ethereum (stETH) and Aave-wrapped Bitcoin (aEthWBTC) after approving malicious signatures in a phishing scheme on Sept. 18, according to blockchain security firm Scam Sniffer.

According to the firm, the attackers disguised their move as a routine wallet confirmation through “Permit” signatures, which tricked the victim into authorizing fund transfers without triggering obvious red flags.

Yu Xian, founder of blockchain security company SlowMist, noted that the victim did not recognize the danger because the transaction required no gas fees. He wrote:

How Permit exploits work

Permit approvals were originally designed to simplify token transfers. Instead of submitting an on-chain approval and paying fees, a user can sign an off-chain message authorizing a spender.

That efficiency, however, has created a new attack surface for malicious players.

Once a user signs such a permit, attackers can combine two functions—Permit and TransferFrom—to drain assets directly. Because the authorization takes place off-chain, wallet dashboards show no unusual activity until the funds move.

As a result, the assets are gone when the approval executes on-chain, and tokens are redirected to the attacker’s wallet.

This loophole has made permit exploits increasingly attractive for malicious actors, who can siphon millions without needing complex hacks or high-cost gas wars.

Phishing losses

The latest theft highlights a wider trend of escalating phishing campaigns.

Scam Sniffer reported that in August alone, attackers stole $12.17 million from more than 15,200 victims. That figure represented a 72% jump in losses compared with July.

According to the firm, the most significant share of August’s damages came from three large accounts that accounted for nearly half of the total. This included one wallet that lost $3.08 million in a single exploit.

Meanwhile, the firm attributed the surge in losses to a rise in EIP-7702 batch-signature scams and direct transfers to malicious contracts.

Considering this, security experts have urged crypto users to be cautious when interacting with wallet requests and refuse demands that grant unlimited permissions to their wallets.

Mentioned in this article

Source: https://cryptoslate.com/crypto-whale-loses-6m-to-sneaky-phishing-scheme-targeting-staked-ethereum/

Disclaimer: The articles reposted on this site are sourced from public platforms and are provided for informational purposes only. They do not necessarily reflect the views of MEXC. All rights remain with the original authors. If you believe any content infringes on third-party rights, please contact service@support.mexc.com for removal. MEXC makes no guarantees regarding the accuracy, completeness, or timeliness of the content and is not responsible for any actions taken based on the information provided. The content does not constitute financial, legal, or other professional advice, nor should it be considered a recommendation or endorsement by MEXC.
Share Insights

You May Also Like

Best Crypto to Buy as Saylor & Crypto Execs Meet in US Treasury Council

Best Crypto to Buy as Saylor & Crypto Execs Meet in US Treasury Council

The post Best Crypto to Buy as Saylor & Crypto Execs Meet in US Treasury Council appeared on BitcoinEthereumNews.com. Michael Saylor and a group of crypto executives met in Washington, D.C. yesterday to push for the Strategic Bitcoin Reserve Bill (the BITCOIN Act), which would see the U.S. acquire up to 1M $BTC over five years. With Bitcoin being positioned yet again as a cornerstone of national monetary policy, many investors are turning their eyes to projects that lean into this narrative – altcoins, meme coins, and presales that could ride on the same wave. Read on for three of the best crypto projects that seem especially well‐suited to benefit from this macro shift:  Bitcoin Hyper, Best Wallet Token, and Remittix. These projects stand out for having a strong use case and high adoption potential, especially given the push for a U.S. Bitcoin reserve.   Why the Bitcoin Reserve Bill Matters for Crypto Markets The strategic Bitcoin Reserve Bill could mark a turning point for the U.S. approach to digital assets. The proposal would see America build a long-term Bitcoin reserve by acquiring up to one million $BTC over five years. To make this happen, lawmakers are exploring creative funding methods such as revaluing old gold certificates. The plan also leans on confiscated Bitcoin already held by the government, worth an estimated $15–20B. This isn’t just a headline for policy wonks. It signals that Bitcoin is moving from the margins into the core of financial strategy. Industry figures like Michael Saylor, Senator Cynthia Lummis, and Marathon Digital’s Fred Thiel are all backing the bill. They see Bitcoin not just as an investment, but as a hedge against systemic risks. For the wider crypto market, this opens the door for projects tied to Bitcoin and the infrastructure that supports it. 1. Bitcoin Hyper ($HYPER) – Turning Bitcoin Into More Than Just Digital Gold The U.S. may soon treat Bitcoin as…
Chainbase
C$0.2609+2.33%
DAR Open Network
D$0.03503+0.25%
Threshold
T$0.01673-0.11%
Share
BitcoinEthereumNews2025/09/18 00:27
Share
Adam Wainwright Takes The Mound Again Honor Darryl Kile

Adam Wainwright Takes The Mound Again Honor Darryl Kile

The post Adam Wainwright Takes The Mound Again Honor Darryl Kile appeared on BitcoinEthereumNews.com. Adam Wainwright of the St. Louis Cardinals in the dugout during the second inning against the Miami Marlins at Busch Stadium on July 18, 2023 in St. Louis, Missouri. (Photo by Brandon Sloter/Image Of Sport/Getty Images) Getty Images St. Louis Cardinals lifer Adam Wainwright is a pretty easygoing guy, and not unlikely to talk with you about baseball traditions and barbecue, or even share a joke. That personality came out last week during our Zoom call when I mentioned for the first time that I’m a Chicago Cubs fan. He responded to the mention of my fandom, “So far, I don’t think this interview is going very well.” Yet, Wainwright will return to Busch Stadium on September 19 on a more serious note, this time to honor another former Cardinal and friend, the late Darryl Kile. Wainwright will take the mound not as a starting pitcher, but to throw out the game’s ceremonial first pitch. Joining him on the mound will be Kile’s daughter, Sierra, as the two help launch a new program called Playing with Heart. “Darryl’s passing was a reminder that heart disease doesn’t discriminate, even against elite athletes in peak physical shape,” Wainwright said. “This program is about helping people recognize the risks, take action, and hopefully save lives.” Wainwright, who played for the St. Louis Cardinals as a starting pitcher from 2005 to 2023, aims to merge the essence of baseball tradition with a crucial message about heart health. Kile, a beloved pitcher for the Cardinals, tragically passed away in 2002 at the age of 33 as a result of early-onset heart disease. His sudden death shook the baseball world and left a lasting impact on teammates, fans, and especially his family. Now, more than two decades later, Sierra Kile is stepping forward with Wainwright to…
MemeCore
M$2.63097+11.17%
Threshold
T$0.01673-0.11%
Seed.Photo
PHOTO$1.162-3.32%
Share
BitcoinEthereumNews2025/09/18 02:08
Share
Tired Of Altcoin Price Slumps? Crypto Analysts Are Saying The BFX Could Be The Best Crypto To Buy In 2025

Tired Of Altcoin Price Slumps? Crypto Analysts Are Saying The BFX Could Be The Best Crypto To Buy In 2025

BlockchainFX has raised $7.5M, offers 500+ tradable assets, daily USDT rewards, token burns, and a presale Visa Card. At $0.024, analysts see BFX as a top 2025 buy.
Altcoin
ALTCOIN$0.0005319+8.06%
TokenFi
TOKEN$0.01376+0.36%
TOP Network
TOP$0.000096--%
Share
Blockchainreporter2025/09/20 23:35
Share

Trending News

More

Best Crypto to Buy as Saylor & Crypto Execs Meet in US Treasury Council

Adam Wainwright Takes The Mound Again Honor Darryl Kile

Tired Of Altcoin Price Slumps? Crypto Analysts Are Saying The BFX Could Be The Best Crypto To Buy In 2025

CME pushes Solana, XRP into derivatives spotlight with new options

New Trump appointee Miran calls for half-point cut in only dissent as rest of Fed bands together