Victim Recovers Majority of Stolen Funds After Ethereum Permit Phishing Attack

An individual who fell victim to a permit phishing attack, resulting in the loss of 1,807 liquid staked Ether (ETH) worth $6.91 million on May 26, has reportedly received a significant portion of the stolen funds back from the scammers. According to reports, the victim managed to recoup 1,445 Ether, equivalent to 80% of the stolen funds, while the scammers allegedly retained a 20% bounty. The attack exploited a vulnerability in Ethereum permits introduced through EIP-2612, allowing scammers to generate authentic off-chain authorization signatures for transferring ERC-20 tokens from wallets not owned by them. This incident underscores the importance of implementing security measures such as periodic use of authorization tools and vigilance against phishing attempts to safeguard against such attacks. Despite sympathy for the victim, some critics questioned their repeated vulnerability to phishing attacks, highlighting the need for increased awareness and caution in the cryptocurrency space, where scams have been on the rise.