Crypto Victim Loses $908,551 In Delayed Phishing Attack

Crypto victim loses $908K in sophisticated phishing attack

A victim lost $908,551 in a crypto phishing scam 15 months after signing a malicious approval transaction. The scammer waited until two large deposits were made before striking.

COINTELEGRAPH IN YOUR SOCIAL FEED

A crypto user lost $908,551 to a wallet-draining scam 458 days after unknowingly signing a malicious approval transaction, onchain data shows.

The attack originated from an ERC-20 approval transaction — likely signed via a phishing site or fake airdrop — that gave the scammer’s wallet, “0x67E5Ae,” ongoing permission to access the victim’s funds.

The scammer — linked to the notorious pink-drainer.eth wallet address — executed the theft on Aug. 2 at 4:57am UTC, Kraken wallet.

The scammer likely monitored the wallet over the next month, waiting to see if more funds would flow into it before deciding to drain the funds in a single transaction on Aug. 2.

This delayed strike is a defining trait of phishing approval attacks: scammers wait around for months, striking only when the victim’s wallet balance makes it worthwhile.

Tools already exist to prevent these attacks

To help prevent such attacks, Ethereum users can use Etherscan’s Token Approval Checker to review and revoke unnecessary token approvals — though each revocation requires a gas fee.

Bad actors and scammers stole over $142 million from the crypto space in July across at least 17 separate attacks, with the exploit of crypto exchange CoinDCX accounting for the most significant loss.

Magazine: Inside a 30,000 phone bot farm stealing crypto airdrops from real users