TLDR
Victim signs EIP 712 'Permit2' message on phishing site ('claim airdrop', 'mint NFT'). Signature grants attacker infinite approval over USDC/USDT/WETH via Permit2 router (0x000000000022D473030F116dDEE9F6B43aC78BA3) without on chain tx...
How it works
Victim signs EIP 712 'Permit2' message on phishing site ('claim airdrop', 'mint NFT'). Signature grants attacker infinite approval over USDC/USDT/WETH via Permit2 router (0x000000000022D473030F116dDEE9F6B43aC78BA3) without on chain tx...
Red flags
- Urgent pressure to click, pay, or share codes immediately.
- A link or sender that does not match the official organization.
- Requests for card data, passwords, OTPs, wallet signatures, or bank transfers.
What to do
- 1Do not click, pay, install apps, or share verification codes.
- 2Verify through the official website, app, or phone number typed manually.
- 3If you already interacted, block cards or accounts and report the incident.
Source
Uniswap-Security
Source reviewed by Mythos Forensic Team
https://blog.uniswap.org/permit2-and-universal-routerFAQ
Is Permit2 phishing — Uniswap style infinite approval drain a real scam pattern?
Yes. Treat the message, call, or payment request as suspicious until you verify it through an official channel.
What are the first warning signs?
Urgent pressure to click, pay, or share codes immediately.; A link or sender that does not match the official organization.; Requests for card data, passwords, OTPs, wallet signatures, or bank transfers.
What should I do first?
Do not click, pay, install apps, or share verification codes.; Verify through the official website, app, or phone number typed manually.; If you already interacted, block cards or accounts and report the incident.
Can LegalAudit check my case?
Yes. Start a free chat and paste the message, link, sender, or payment details for triage.