While the bulk of the funds were drained Wednesday night, the malicious permission requests may have been made weeks prior to the attack. Though the protocol contracts are paused, community members are advising that depositors use tools like Debank and Unrekt to revoke permissions for the malicious contract.