forta-network / starter-kits

MIT License

FN - Ice phishing #400

Open Ivan1905 opened 7 months ago

Ivan1905 commented 7 months ago

Forta did not catch the following ice phishing scam. According to the thread, it seems it was a Uniswap Permit2 phishing signature issue.

It seems this was the address that the victim interacted with: 0xF172d29dAbf99C42eA3c73CA16F77E3dEcB2ac31

Then funds were transferred across different EOAs:

Ivan1905 commented 7 months ago

Here's another one linked with Uniswap that could be linked with the above issue.

Here, the victim was drained in WBTC, and the funds were swapped to WETH and transferred to another address (scammer).

Ivan1905 commented 6 months ago

More information about Permit2 here: https://medium.com/@romanrakhlin/the-dark-side-of-permits-eip2612-c66ff71bf635

Also, the scam detector failed to detect this scam prior to its execution. Here's the tx. Apparently the address that the victim interacted with was 0x50C47a3B581bf242e908335eeC081f0fE6CEEaa9

Vxatz commented 3 months ago

Re the 1st, I've created and am testing the ICE-PHISHING-UNISWAP-PERMIT2 alert.

The 2nd isn't simple to catch, because it's the victim calling the function to swap (there's no permit/approval).

Re the 3rd, the "permit" alert was triggered but the "transfer of permitted assets" wasn't. This probably happened due to an issue with syncing state (i.e. the permission) between nodes of different shards. This will be fixed with V2; with this there'll be no sharding. (A scammer alert was emitted by the Scam Detector, due to the BlockSec phishing alert.)
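
The failure mode described for the 3rd case, as an added example that is not part of the thread and is not Forta's code: a simplified two-stage detector where the "transfer of permitted assets" stage depends on state written by the "permit" stage. The alert labels, the event shape, the placeholder addresses and the round-robin block-to-shard assignment are all assumptions made for illustration.

```python
from dataclasses import dataclass, field


@dataclass
class Shard:
    """One detector node. `permits` holds (owner, spender, token) grants it has seen."""
    permits: set = field(default_factory=set)

    def handle(self, ev):
        key = (ev["owner"], ev["spender"], ev["token"])
        if ev["type"] == "permit":
            self.permits.add(key)          # stage 1 writes the state
            return "PERMIT"                # hypothetical alert label
        if ev["type"] == "transfer_from" and key in self.permits:
            return "PERMITTED-TRANSFER"    # stage 2 fires only if the state is visible
        return None


def run(events, shard_count, shared_state):
    """Replay events over `shard_count` nodes and return the alerts emitted.

    shared_state=False models shards that never sync their permission sets;
    shared_state=True models a single store visible to every node.
    """
    store = set()
    shards = [Shard(store if shared_state else set()) for _ in range(shard_count)]
    alerts = []
    for ev in events:
        # Assumption: blocks are split across shards by block number.
        shard = shards[ev["block"] % shard_count]
        alert = shard.handle(ev)
        if alert:
            alerts.append(alert)
    return alerts


# Constructed sample: a permit in one block, the drain in the next block.
EVENTS = [
    {"block": 100, "type": "permit", "owner": "0xVICTIM",
     "spender": "0xSPENDER", "token": "WBTC"},
    {"block": 101, "type": "transfer_from", "owner": "0xVICTIM",
     "spender": "0xSPENDER", "token": "WBTC"},
]

if __name__ == "__main__":
    print("2 shards, unsynced:", run(EVENTS, 2, shared_state=False))
    print("2 shards, shared  :", run(EVENTS, 2, shared_state=True))
    print("1 node (no shards):", run(EVENTS, 1, shared_state=False))
```

With two unsynced shards the permit and the transfer land on different nodes, so only the first alert is emitted; sharing the store or running a single node restores the second alert.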