Ethereum Wallet Drained of $440K USDC After Malicious Permit Signature

Published at 2025-12-09 08:46:20

A single Ethereum address was drained of 440,358 USDC after the user signed a malicious permit request, according to reports. By approving a forged permit signature, the victim effectively granted an attacker the right to transfer stablecoins directly, bypassing the usual on-chain allowance confirmation — a technique increasingly used in targeted phishing campaigns.

The theft underscores a growing pattern of permit-based exploits and social‑engineering attacks that put DeFi users and custodial services at risk. Beyond the immediate loss, the incident raises concerns about wallet UI clarity and the safety of off‑chain signature approvals. Users and platforms should be aware of unexpected signature prompts and review how wallets present permit requests, as attackers continue to evolve strategies that exploit signature flows across dApps and exchanges.

USDCSecurityEthereumWalletPhishingDeFi
Share on:

Related news

Circle Defends USDC Freezes Following $270M Drift Protocol Hack

Circle’s CEO defended the company’s authority to freeze USDC after the $270 million Drift Protocol exploit and urged faster legal frameworks to enable rapid, lawful responses to crypto hacks.

DriftUSDCRegulationStablecoin
Published at 2026-04-10 12:45:08
Circle Unveils Arc Fintech Starter for Multichain USDC Treasury Management

Circle has released Arc Fintech Starter, an open-source toolkit that helps developers build cross-chain USDC treasury solutions with automated bridging and unified payout controls. The move targets fintechs and web3 firms looking to simplify multichain cash management.

USDCTreasuryMultichainOpen-Source
Published at 2026-04-10 12:30:07
Aethir Stops Bridge Exploit, Vows Compensation After Under $90K Loss

Aethir says it halted a bridge exploit on its Ethereum-linked contracts, keeping losses below $90,000. Security firm PeckShield had earlier estimated the damage at about $400,000; Aethir pledged to compensate affected users.

BridgeEthereumSecurityPeckShieldAethirATH
Published at 2026-04-10 11:15:12
BlackRock Appoints Galaxy Digital as Validator for ETHB After $435M AUM

BlackRock has tapped Galaxy Digital to serve as a validator for ETHB, its staked-Ethereum ETF, after the fund’s assets topped $435 million on April 8. The appointment broadens the ETF’s validator roster and reflects rising institutional interest in ETH staking.

Galaxy DigitalEthereumETHBBlackRockStakingETFs
Published at 2026-04-09 21:45:38
Major Android Flaw Exposed Millions of Crypto Wallets to Hackers

Microsoft Defender researchers say a critical bug in a widely used third-party Android SDK may have exposed tens of millions of cryptocurrency wallets to potential data theft. Users and developers are urged to update apps and apply patches immediately.

SecurityCryptoAndroidWalletsMicrosoft Defender
Published at 2026-04-09 20:46:23

DeFi

All DeFi posts

Bitcoin

All Bitcoin posts

Derivatives

All Derivatives posts

On-Chain

All On-Chain posts

Dogecoin

All Dogecoin posts