Ethereum News Today: Ethereum user loses $908,551 in delayed phishing attack after 458-day-old approval

Generated by AI AgentCoin World
Saturday, Aug 2, 2025 11:16 pm ET1min read
Aime RobotAime Summary

- An Ethereum user lost $908,551 in a delayed phishing attack exploiting a 458-day-old approval transaction.

- The attacker (pink-drainer.eth) executed the theft after the victim’s wallet accumulated significant funds in late June 2025.

- Phishing approvals often remain active indefinitely, highlighting the need for regular token approval reviews and revocations.

- Such attacks are growing, with over $142 million stolen in July 2025 alone, underscoring the urgency for improved user education and security measures.

An Ethereum user recently suffered a massive loss of $908,551 due to a delayed phishing attack linked to an approval transaction signed nearly 458 days prior. The exploit was traced by on-chain security firm ScamSniffer and highlighted through reports from Cointelegraph and other outlets [1]. The attacker, identified with the wallet address pink-drainer.eth, executed the theft on August 2 at 4:57am UTC, draining USDC from the victim’s wallet. The malicious approval was likely granted through a phishing website or fake airdrop in early 2024, giving the scammer long-term access to the account [2].

The attack did not occur immediately after the initial approval. Instead, the scammer waited until the victim’s wallet accumulated significant value before making the move. The victim had deposited $762,397 into the affected wallet from a MetaMask address in late June and shortly after transferred an additional $146,154 in USDC from a Kraken wallet. This sudden influx of funds likely triggered the scammer to carry out the theft in a single, well-timed transaction [1].

The case exemplifies a common tactic in phishing approval scams—waiting for a victim’s wallet to accumulate value before executing the exploit. Once a user signs an approval for a dApp, it often remains valid indefinitely unless manually revoked. The victim in this case failed to review or revoke the outdated approval, leaving their funds vulnerable [2].

Phishing approvals have become a growing concern in the Ethereum ecosystem. Unlike immediate thefts involving private keys, these attacks exploit open-ended transaction permissions granted during routine interactions. The victim did not lose their keys but rather allowed access through a single oversight. This underscores the importance of managing token approvals regularly and understanding the long-term risks of granting access to dApps [1].

Ethereum users can take preventive steps by using tools like Etherscan’s Token Approval Checker to monitor and revoke unnecessary permissions. However, revoking approvals often requires paying gas fees, which may discourage some users from maintaining strict security practices. As these attacks grow more sophisticated, security is increasingly a shared responsibility between users and platform developers [2].

This incident also reflects a broader trend in crypto security. In July 2025 alone, over $142 million was stolen across 17 separate attacks, including major breaches at crypto exchanges. The continued rise in such incidents highlights the urgent need for better user education and more robust security measures within the blockchain space [1].

Source:

[1] Cointelegraph, Crypto victim loses $908K in sophisticated phishing attack

https://cointelegraph.com/news/crypto-victim-loses-908k-in-sophisticated-phishing-attack

[2] Coинфомания, $908K Stolen in Phishing Tied to 458-Day-Old Wallet

https://coinfomania.com/908k-stolen-in-phishing-tied-to-458-day-old-wallet-approval/

Comments



Add a public comment...
No comments

No comments yet