- Trending
- Comments
- Latest
On August 2, 2025, a crypto investor lost a whopping $908,551 to a crypto phishing attack that had been set in motion 15 months earlier.
According to data analysed by Scam Sniffer, it all started following a long dormant approval signed by the investor in April 2024. The drained the funds after patiently waiting for the perfect timing, which he got at the end.
The whole incident traces back to April 30, 2024, when the victim authorized a malicious ERC-20 token approval unknowingly. Reports suggests that the approval which granted the scammer access to the victim’s wallet was signed on a phishing site or through a fake airdrop site, with the scammer’s wallet linked to the well-known pink-drainer.eth address—ongoing access to the victim’s assets.
For over a year, the compromised wallet remained inactive, holding little value. That changed on July 2, 2025, when $762,397 in USDC was transferred from a MetaMask wallet into the address, followed shortly by another $146,154 from a Kraken account.
The attacker monitored these transactions and chose not to act immediately. Instead, they waited for nearly a month, ensuring no additional inflows before draining the wallet in one transaction on August 2 at 4:57 a.m. UTC.
This method is common in a crypto phishing attack: criminals bide their time, striking only when balances become significant.
The targeted funds were stolen through a malicious approval—a recurring tactic in which attackers secure long-term permissions. Such attacks highlight the importance of regular security checks by crypto investors.
“Subsidizing crypto mining risks distorting energy markets,” —IMF spokesperson, in a statement to Independent Urdu.
While this quote from a separate case underscores policy risks, industry experts see similar parallels: inadequate oversight leaves investors exposed to digital threats.
The recent incident adds to an alarming trend. Scam Sniffer reports that over $142 million was lost to different forms of scams and hacks in July 2025 alone, including at least 17 separate crypto phishing attacks.
Experts emphasize that preventing a crypto phishing attack is possible with consistent wallet hygiene. Users are encouraged to use tools like Etherscan’s Token Approval Checker to identify and revoke old token approvals, though revocation incurs a small gas fee.
“Your wallet security matters,” — Scam Sniffer team, warning investors to make wallet reviews routine.
Security professionals advise that users:
Regularly review all token approvals.
Avoid signing transactions from unfamiliar links or airdrops.
Keep funds in hardware wallets when not actively trading.
This crypto phishing attack serves as a warning that blockchain transparency does not eliminate risk. As long as malicious approvals remain active, attackers can wait indefinitely, ready to strike when wallets become lucrative.
Copyright © 2025 - The Bit Gazette.
