A crypto investor has fallen victim to a sophisticated phishing scam, resulting in a staggering loss of $4.39 million worth of $ALI (Alitas Protocol) and $PUSH (PushPad) crypto tokens. The incident, which occurred on March 1st, shows the growing growing number of cyberattacks by hackers and cybercriminals in the cryptocurrency space.
According to the available information, the victim’s wallet address is 0x7653c9364bb800e1136aa0634c4629ebe76a744e, while the scammers’ addresses are 0x84672cc56b6dad30cfa5f9751d9ccae6c39e29cd and 0x2ee9a1751b6c8034961cb192bf3a8b9110621edb.
The attack was executed when the victim signed a malicious Uniswap Permit2’s Permit Batch message, granting the hackers access to a Safe wallet address, which they promptly exploited to drain wallet’s funds.
The incident was first reported three days ago by Scam Sniffer | Web3 Anti-Scam Twitter account, highlighting how phishing attacks have become increasingly sophisticated and profitable, with scammers employing a wide array of tactics to trick investors into granting access to their crypto wallets.
Phishing have various forms, which includes fake websites, fraudulent emails, fake online web wallets and even targeted social engineering campaigns. To avoid being the next victim, it is important for crypto to exercise extreme caution when using any platform or service related to cryptocurrency wallets.