OnChain data shows that an encrypted user lost $908,551 458 days after signing a malicious approval transaction.
The attack originated from the ERC-20 approved transaction – possibly signed through a website or a fake gas disk – which allowed the fraudster’s wallet “0x67E5AE” to continue to allow the victim’s funds.
The cheater (associated with the infamous pink drainer.eth Wallet address) burgled at 4:57 am on August 2, UTC, theft $908,551 USDC (USDC) stablecoin, scam sniffer tip Theft on X. The theft occurred 458 days after the victim signed the phishing approval transaction on April 30, 2024.
Security incidents prompted scam sniffers to remind encrypted users to “repeatedly review and revoke old approvals”, otherwise hard-earned funds could be risky.
It added: “It is important that your wallet is safe.”
The patience of the liar is rewarded
Until a month ago, the victim’s wallet torture saw minimal transaction activity, with little value – the attacker had no motivation to take action.
On July 2, when the victim deposited $762,397 into the contaminated wallet address “0x6c0eb6”, metamask wallet UTC at 8:41 pm.
Ten minutes later, an additional $146,154 USDC was transferred from A to the same wallet Broken wallet.
Related: $3.5B Bitcoin robbery retrospectively discovered from 2020 – Arkham Intel
The scammers may monitor their wallets next month, waiting to see if more funds are inflowing into it, and then decide to run out of funds in a transaction on August 2.
This delayed strike is a defining feature of a phishing approval attack: the scammers wait for months, only impressed when the victim’s wallet balance makes it worth it.
Tools already exist to prevent these attacks
To prevent such attacks, Ethereum users can use Etherscan’s token recognition checker to review and revoke unnecessary token approvals – although each revocation requires one Gasoline fee.
Bad actors and liars Stealed more than $142 million At least 17 separate attacks from crypto space in July, exploitation Crypto Exchange Coindcx Consider the most significant losses.
Magazine: Stealing cryptocurrency from real users in a 30,000-phone robot farm
