You might have seen the news about the new Permit2 exploit, which has been covered by news sites and on many crypto-related subreddits.
This article explains how the exploit works and how to stay safe from it, in a short and easy-to-understand way.
Permit2 is a smart contract that users need to give an unlimited approval to. After approving the Permit2 contract, it can be used to grant sub-approvals to other smart contracts. This can be done through the Permit2.approve() function, which works similarly to the approve() function on ERC20 tokens. It can also be done through the Permit2.permit() function, which works like the EIP-2612 permit() function.
Hackers' Strategy: They create fake tokens, like “NeiraETH” or meme coins, to trick users. The goal is to get you to approve their token’s contract, which then allows them to drain other Permit2 tokens from your wallet.
How It Works:
You see a new coin (let's name it NeiraETH) that’s “pumping” in price.
After seeing gains, you decide to sell, but you need to approve the token on a DEX like Uniswap or PancakeSwap.
Hackers pump their own coin to create excitement and trick people into approving it.
The Trap: By approving the contract, you unknowingly grant the hacker access to all your other Permit2 tokens, such as Pepe, Shiba, USDC, Wrapped Ether, DAI, AAVE, and other tokens using the same approval method.
What Happens Next:
Once enough users approve the contract, hackers stop the pump, halt all marketing, and even create “FUD” (fear, uncertainty, doubt) to encourage people to sell.
Finally, they trigger the exploit and drain funds from every wallet that approved the contract.
Why This Is So Risky:
This exploit impacts many popular tokens using Permit2 contracts.
Decentralized finance means that, once a contract is launched, it can’t be changed, making this exploit a long-term risk.
Pepe Holder Loses $1.4 Million in Uniswap Permit2 Phishing Attack
The victim unknowingly signed a Permit2 signature, which granted the attacker unrestricted access to their wallet, according to ScamSniffer.
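The signature ScamSniffer refers to is an EIP-712 typed-data request (eth_signTypedData_v4) that the wallet shows before signing. The following is an added example, not code from the original post or from Uniswap: it audits such a request on the wallet side and flags the features a defender cares about, namely a Permit2 domain, a spender that is not on the user's own allowlist, an unlimited amount, and an expiration that never ends or stretches far into the future. The struct layouts (PermitSingle, PermitBatch, PermitTransferFrom, PermitBatchTransferFrom) and the canonical Permit2 address are Uniswap's; the token and spender addresses in the sample requests are constructed placeholders, and the trusted-spender list is an assumption the reader must fill in.

```javascript
// Added example (not from the original post): audit the EIP-712 payload a wallet
// shows for eth_signTypedData_v4 and flag Permit2 grants that deserve a second look.
// Struct layouts follow Uniswap's Permit2 (AllowanceTransfer and SignatureTransfer).

// Canonical Permit2 deployment address, identical on most EVM chains.
const PERMIT2_ADDRESS = "0x000000000022d473030f116ddee9f6b43ac78ba3";
const MAX_UINT160 = (1n << 160n) - 1n; // "unlimited" allowance amount
const MAX_UINT256 = (1n << 256n) - 1n; // "unlimited" one-shot transfer amount
const MAX_UINT48 = (1n << 48n) - 1n;   // "never expires" expiration
const THIRTY_DAYS = 30n * 24n * 60n * 60n;

// Assumed allowlist of spenders the user actually intends to use (constructed
// placeholder; replace with the router addresses you really interact with).
const TRUSTED_SPENDERS = ["0x2222222222222222222222222222222222222222"];

const lower = (a) => String(a).toLowerCase();

// Collect the (token, amount, expiration) entries a request would authorise.
function extractGrants(primaryType, message) {
  switch (primaryType) {
    case "PermitSingle":
      return [message.details];
    case "PermitBatch":
      return message.details;
    case "PermitTransferFrom":
      return [{ ...message.permitted, expiration: message.deadline }];
    case "PermitBatchTransferFrom":
      return message.permitted.map((p) => ({ ...p, expiration: message.deadline }));
    default:
      return null;
  }
}

// Returns { isPermit2, findings }; an empty findings list means nothing stood out.
function auditPermit2Request(typedData, { now, trustedSpenders = [] }) {
  const { domain, primaryType, message } = typedData;
  const findings = [];

  const isPermit2 =
    !!domain && domain.name === "Permit2" &&
    lower(domain.verifyingContract) === PERMIT2_ADDRESS;
  if (!isPermit2) return { isPermit2: false, findings };

  const grants = extractGrants(primaryType, message);
  if (grants === null) {
    findings.push(`unrecognised Permit2 primaryType ${primaryType}`);
    return { isPermit2: true, findings };
  }

  const spender = lower(message.spender);
  if (!trustedSpenders.map(lower).includes(spender)) {
    findings.push(`spender ${spender} is not on the trusted list`);
  }
  if (grants.length > 1) {
    findings.push(`batch grant covers ${grants.length} tokens`);
  }
  for (const g of grants) {
    const token = lower(g.token);
    const amount = BigInt(String(g.amount));
    const expiration = BigInt(String(g.expiration));
    if (amount === MAX_UINT160 || amount === MAX_UINT256) {
      findings.push(`unlimited amount for token ${token}`);
    }
    if (expiration === MAX_UINT48) {
      findings.push(`allowance for token ${token} never expires`);
    } else if (expiration > BigInt(now) + THIRTY_DAYS) {
      findings.push(`allowance for token ${token} lasts more than 30 days`);
    }
  }
  return { isPermit2: true, findings };
}

const NOW = 1700000000; // constructed "current time" for the samples below

// Constructed sample: a batch grant of the kind the article warns about.
const SAMPLE_DRAIN_REQUEST = {
  domain: { name: "Permit2", chainId: 1, verifyingContract: PERMIT2_ADDRESS },
  primaryType: "PermitBatch",
  message: {
    details: [
      { token: "0xaaaa000000000000000000000000000000000001", amount: MAX_UINT160.toString(), expiration: MAX_UINT48.toString(), nonce: "0" },
      { token: "0xbbbb000000000000000000000000000000000002", amount: MAX_UINT160.toString(), expiration: MAX_UINT48.toString(), nonce: "0" },
    ],
    spender: "0x1111111111111111111111111111111111111111", // constructed, not on the list
    sigDeadline: String(NOW + 3600),
  },
};

// Constructed sample: a bounded, short-lived grant to a trusted spender.
const SAMPLE_BENIGN_REQUEST = {
  domain: { name: "Permit2", chainId: 1, verifyingContract: PERMIT2_ADDRESS },
  primaryType: "PermitSingle",
  message: {
    details: { token: "0xaaaa000000000000000000000000000000000001", amount: "1000000", expiration: String(NOW + 3600), nonce: "0" },
    spender: TRUSTED_SPENDERS[0],
    sigDeadline: String(NOW + 600),
  },
};

console.log(auditPermit2Request(SAMPLE_DRAIN_REQUEST, { now: NOW, trustedSpenders: TRUSTED_SPENDERS }));
console.log(auditPermit2Request(SAMPLE_BENIGN_REQUEST, { now: NOW, trustedSpenders: TRUSTED_SPENDERS }));
```

The check runs entirely on the typed-data object, so it can sit in a wallet extension, a browser script, or a simple review tool; it does not need chain access. The domain check matters because a request that is not addressed to the Permit2 contract is a different kind of approval and needs different handling, and the expiration check is what separates a router's short-lived grant from the open-ended one described above.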
How to Protect Yourself from the Permit2 Exploit:
Use revoke functions: Go to https://revoke.approvals.cash/ and revoke any approvals you’ve made, especially on small, low-cap meme coins or new tokens.
Focus on Recent Interactions: If you’ve interacted with newly created tokens in the past month, it’s wise to revoke their permissions to prevent hackers from accessing other assets in your wallet.
Taking these steps can help safeguard your wallet from potential future attacks.