PANews reported on November 11th that the GoPlus Chinese community posted on the X platform that Balancer hackers used the Permit authorization to pull off a successful escape. This morning, the Balancer attackers used the permit() authorization to transfer 195 stS tokens (worth approximately $3 million) frozen in the Sonic address 0xf19…fae2 to a new address: 0x0e9c…44D5, and then exchanged them for WBTC/ETH. The reason for the freeze's failure is that the freeze occurred at the native chain level, affecting only the S token and not other ERC20 tokens (such as stS in this case). stS has a permit() method, and the off-chain signature for permit() does not require the frozen address to pay S, thus rendering the freeze ineffective.