Uniswap Permit2 Phishing: $1 Million Loss Highlights Risk
The post Uniswap Permit2 Phishing: $1 Million Loss Highlights Risk appeared on BitcoinEthereumNews.com. One trader is out roughly $1 million after a phishing attack turned Uniswap’s own convenience feature against them. No protocol was hacked. No vulnerability was exploited in the traditional sense. The trader simply signed a message they shouldn’t have — and that was enough. Key takeaways A trader lost approximately $1 million after being tricked into signing a malicious Uniswap Permit2 message, granting attackers full wallet access. A separate victim lost $196,000 in a similar attack involving the $VIRTUAL token. Approval phishing has generated over $1 billion in reported losses since 2021 and shows no sign of slowing. Chainalysis reported $14 billion in total onchain scam losses in 2025, up from $12 billion in 2024; CertiK logged $370 million from phishing alone in January 2026. Tools like Revoke.cash let users audit and cancel token approvals, including Permit2 permissions — one of