Crypto victim loses $908K in sophisticated phishing attack
A crypto user lost $908,551 to a wallet-draining scam 458 days after unknowingly signing a malicious approval transaction, onchain data shows.
The attack originated from an ERC-20 approval transaction — likely signed via a phishing site or fake airdrop — that gave the scammer’s wallet, “0x67E5Ae,” ongoing permission to access the victim’s funds.
The scammer — linked to the notorious pink-drainer.eth wallet address — executed the theft on Aug. 2 at 4:57am UTC, stealing $908,551 worth of the USDC stablecoin, Scam Sniffer pointed out on X. The theft came 458 days after the victim signed the phishing approval transaction on April 30, 2024.
The security incident prompted Scam Sniffer to remind crypto users to “regularly review and revoke old approvals,” warning that hard-earned funds may otherwise be at risk.
“Your wallet security matters,” it added.
The scammer’s patience paid off
Until a month ago, the victim’s compromised wallet had seen minimal transaction activity and held little value — giving the attacker no incentive to act.
That changed on July 2, when the victim deposited $762,397 into the tainted wallet address, “0x6c0eB6,” from a MetaMask wallet at 8:41pm UTC.
Ten minutes later, another $146,154 in USDC was transferred into the same wallet from a Kraken wallet.
The scammer likely monitored the wallet over the next month, waiting to see if more funds would flow into it before deciding to drain the funds in a single transaction on Aug. 2.
This delayed strike is a defining trait of phishing approval attacks: scammers wait around for months, striking only when the victim’s wallet balance makes it worthwhile.
Tools already exist to prevent these attacks
To help prevent such attacks, Ethereum users can use Etherscan’s Token Approval Checker to review and revoke unnecessary token approvals — though each revocation requires a gas fee.
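As an added example (not code from the article, Scam Sniffer or Etherscan), the review step can be sketched as a replay of ERC-20 `Approval` event logs that reports allowances still live after a cutoff age. It assumes the logs were already fetched and normalized (integer `blockNumber`/`logIndex`, a `timestamp` joined from the block header); the addresses, block numbers, times of day, the 90-day cutoff and the `UNLIMITED` threshold are all constructed for illustration.

```python
from datetime import datetime, timezone

# keccak256("Approval(address,address,uint256)"): topic0 of every ERC-20 Approval log
APPROVAL_TOPIC = "0x8c5be1e5ebec7d5bd14f71427d1e84f3dd0314c0f7b32291d8e9f75a0b8e0925"
UNLIMITED = 2**255  # assumption: treat allowances this large as effectively unlimited

def _addr(topic):  # indexed addresses are left-padded to 32 bytes; keep the low 20
    return "0x" + topic[-40:].lower()

def _ts(*ymdhm):
    return int(datetime(*ymdhm, tzinfo=timezone.utc).timestamp())

def outstanding_approvals(logs, owner):
    """Replay Approval logs in chain order; the last value per (token, spender) wins."""
    state = {}
    for log in sorted(logs, key=lambda l: (l["blockNumber"], l["logIndex"])):
        topics = log["topics"]
        if len(topics) != 3 or topics[0].lower() != APPROVAL_TOPIC:
            continue  # ERC-721 Approval shares topic0 but carries 4 topics
        if _addr(topics[1]) != owner.lower():
            continue
        state[(log["address"].lower(), _addr(topics[2]))] = (int(log["data"], 16), log["timestamp"])
    return {k: v for k, v in state.items() if v[0] > 0}  # approve(spender, 0) is a revocation

def stale_approvals(logs, owner, now, max_age_days=90):
    """Return live approvals at least max_age_days old, oldest first."""
    found = []
    for (token, spender), (amount, ts) in outstanding_approvals(logs, owner).items():
        age = (now - ts) // 86400
        if age >= max_age_days:
            found.append({"token": token, "spender": spender,
                          "age_days": age, "unlimited": amount >= UNLIMITED})
    return sorted(found, key=lambda f: -f["age_days"])

# Constructed sample data: placeholder addresses, block numbers and times of day.
OWNER, TOKEN = "0x" + "11" * 20, "0x" + "aa" * 20
SPENDER_A, SPENDER_B = "0x" + "bb" * 20, "0x" + "cc" * 20
def _log(block, spender, amount, ts):
    pad = lambda a: "0x" + a[2:].rjust(64, "0")
    return {"address": TOKEN, "blockNumber": block, "logIndex": 0, "timestamp": ts,
            "topics": [APPROVAL_TOPIC, pad(OWNER), pad(spender)], "data": hex(amount)}

SAMPLE_LOGS = [
    _log(100, SPENDER_A, 2**256 - 1, _ts(2024, 4, 30, 12, 0)),  # never revoked
    _log(120, SPENDER_B, 5_000_000, _ts(2024, 5, 10, 9, 0)),    # granted...
    _log(150, SPENDER_B, 0, _ts(2024, 6, 1, 9, 0)),             # ...then revoked
]
NOW = _ts(2025, 8, 2, 4, 57)

if __name__ == "__main__":
    print(stale_approvals(SAMPLE_LOGS, OWNER, NOW))
```

Log replay gives an upper bound, since some tokens reduce an allowance on `transferFrom` without emitting `Approval`; confirm each finding against the token's `allowance(owner, spender)` before paying gas to revoke it.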
Bad actors and scammers stole over $142 million from the crypto space in July across at least 17 separate attacks, with the exploit of crypto exchange CoinDCX accounting for the most significant loss.
