Blockchain sleuth zachxbt was able to coordinate with the project to organize a community governance vote to burn the stolen tokens before the attacker was able to cash out. Although this doesn't return the stolen funds to their original owner, it at least keeps the attacker from profiting.
"The AI Protocol" burns tokens after holder suffers $4.3 million theft
Someone who held over 111.6 million ALI tokens from a project called The AI Protocol was phished by someone using a wallet drainer service using a permit phishing technique. The tokens were priced at around $4.3 million.
NFT collector SOL Big Brain loses around $1.5 million to phishing scam
The NFT collector SOL Big Brain lost around $1.5 million in ETH, stablecoins, and the Gearbox token after being targeted in a phishing scam. The attacker apparently compromised a Telegram account belonging to a founder of a portfolio company, then used it to message SOL Big Brain to ask him to claim his vested tokens. SOL Big Brain double checked that the sender was indeed the founder of the company, and did as he was instructed.
However, the attacker had set up a contract which used permit phishing to drain SOL Big Brain's wallet. He lost $740,000 in stablecoins, $550,000 in ETH, and another $200,000 in the GEAR token.
"Today is a bad day," wrote SOL Big Brain on Twitter.
Individuals lose millions in "permit phishing" scams
Between March and April 2023, the Scam Sniffer organization has identified at least $7.7 million stolen by so-called "permit phishers". These attackers convince their victims to sign malicious crypto transactions that use the "permit" functionality, which allows the attackers to siphon funds from the crypto wallets. This type of attack has existed for over a year, but there have been some high-value instances of the attack lately.
On March 11, ScamSniffer tweeted that they had detected 162 instances of the scam, totaling almost $4 million stolen, over the prior two days. On March 24, an individual wallet lost $4 million. Similar attacks on April 19, April 21, and April 30 saw individual wallets lose $449,000, $1.04 million, and $2.28 million, respectively.