Crypto Victim Loses $908,551 in 458-Day Phishing Scam

Generated by AI AgentCoin World
Sunday, Aug 3, 2025 6:08 pm ET1min read
Aime RobotAime Summary

- A crypto user lost $908,551 after unknowingly granting wallet access via a phishing scam spanning 458 days.

- The scammer exploited an ERC-20 approval signed on April 30, 2024, to drain funds 11 months later through MetaMask and Kraken.

- Experts warn that delayed phishing attacks using outdated wallet permissions are growing, with over $41M lost in similar schemes recently.

- Security researchers urge users to regularly revoke old approvals and monitor permissions to prevent prolonged unauthorized access.

A cryptocurrency user became a victim of a highly sophisticated phishing scam, losing $908,551 in a theft that unfolded over 458 days. The attack began on April 30, 2024, when the victim unknowingly signed an ERC-20 approval transaction, granting full access to their wallet. Although no immediate theft occurred, the scammer remained dormant until July 2, 2025, when a large deposit of over $908,000 was made into the account. Less than ten minutes after the deposit, the scammer initiated a series of transfers: $762,397 through a MetaMask address and $146,154 through Kraken. The final theft took place on August 2, 2025, at 4:57 am UTC, when the attacker drained the entire amount in a single transaction [1].

The attack highlights the stealth and patience of modern phishing schemes. Unlike traditional scams that act quickly, this fraudster waited for the right moment—when the wallet held a substantial balance—before making the move. The scam involved a contract linked to a MetaMask address identified as pink-drainer.eth. This case is a stark reminder of how prolonged access, granted through a single approval, can lead to massive losses.

Security researchers have repeatedly warned users to revoke old approvals and regularly review their wallet permissions. In this case, the victim likely authorized the access through a phishing website or a fraudulent airdrop, common vectors for such scams. Once granted, these permissions allow unauthorized access for extended periods, making recovery nearly impossible [1]. Scam Sniffer, a security researcher, emphasized that outdated approvals are a significant risk and advised users to actively monitor their wallet permissions [1].

Phishing attacks that exploit wallet approvals are becoming increasingly common. In the short term, over $41 million has been lost through similar schemes. Attackers use fake tokens and malicious contracts to trick users into signing approvals unknowingly. These methods are particularly dangerous because they do not always involve immediate theft, making it harder for victims to detect the compromise until it is too late.

The broader threat of phishing in the crypto space is growing. Cybercriminals use various tactics, including fake emails, landing pages, and social engineering, to gain access to private wallets or credentials. In many cases, victims are deceived into paying ransoms or transferring funds to fraudulent addresses. With the increasing complexity of these attacks, both casual users and large crypto holders are at risk.

Experts stress the importance of wallet security, advising users to revoke outdated approvals, review permissions carefully, and remain cautious about unsolicited requests related to cryptocurrency. As phishing techniques evolve, staying informed and proactive is essential to protecting digital assets [1].

Source: [1] Crypto Victim Loses $908K in Sneaky Phishing Heist (https://www.livebitcoinnews.com/crypto-victim-loses-908k-in-sneaky-phishing-heist/)

Comments



Add a public comment...
No comments

No comments yet