TechFlow reported on November 5 that according to ScamSniffer's October 2024 cryptocurrency phishing scam report, approximately 12,000 victims lost $20.2 million in phishing attacks. Compared to September, stolen funds decreased by 56%, but the number of victims increased by 20%.
The report highlighted several major incidents, the largest being a single victim losing $5.87 million worth of fwDETH restaking tokens (originally valued at $35 million) on the Blast chain due to a malicious Permit signature. Limited liquidity prevented further losses but caused DETH to become depegged.
Other cases include:
-
$2.3 million in Aave Ethereum sDAI lost via Permit signature;
-
$1.6 million lost on Arbitrum via malicious Permit;
-
$1 million in various assets stolen via Uniswap Permit2 signature;
-
$800,000 lost after EigenLayer’s X account was compromised.




