ERC-2612 tokens contain a "gas-less transfer" feature that allows attackers to drain them using just the owner’s signature.
A new scam circulating on Telegram allows the attacker to drain a victim’s crypto wallet without the victim needing to confirm a transaction, according to user reports and blockchain data.
The scam only works on tokens that comply with the ERC-2612 token standard, which allows for “gas-less” transfers or transfers by a wallet that does not hold Ether (ETH). While the method does not require users to approve a transaction, it appears to require tricking the user into signing a message.
As more tokens implement the ERC-2612 standard, this particular type of attack may become more prevalent.