• Trending
  • Comments
  • Latest
The Louvre needed police escorts to move crypto attendees: Decentralised money just decentralised the danger

The Louvre needed police escorts to move crypto attendees: Decentralised money just decentralised the danger

04/18/2026 - Updated on 05/25/2026
AI People joins Dubai’s innovation one — Declares war on the forgetting of humanity

AI People joins Dubai’s Innovation One program: Declares war on the forgetting of humanity

07/22/2025 - Updated on 07/23/2025
XRP community

Ripple CEO reassures community after SWIFT selects rival blockchain for pilot

02/10/2026
Polygon Discord Channel Hacked, Throws Crypto Community in Turmoil

Polygon Discord Channel Hacked, Throws Crypto Community in Turmoil

2
Bitcoin reclaims $107,000 as Iran-Israel ceasefire cools market tensions

Bitcoin reclaims $107,000 as Iran-Israel ceasefire cools market tensions

2

Hello world!

1
Ethereum phishing scam

Ethereum phishing scam drains $999,999 after script recalculates exact balance

07/10/2026
Tether Brings USDT Stablecoin to UAE Real Estate Market

Aqua Labs co-founder says UAE tenants could pay rent in stablecoins within nine months as regulators near a finished framework

07/10/2026
Crypto Laundering Schemes

Interpol’s Operation First Light nets 5,811 arrests and a $122.5 million crypto wallet tied to romance scams

07/10/2026
  • Trending
  • Comments
  • Latest
The Louvre needed police escorts to move crypto attendees: Decentralised money just decentralised the danger

The Louvre needed police escorts to move crypto attendees: Decentralised money just decentralised the danger

04/18/2026 - Updated on 05/25/2026
AI People joins Dubai’s innovation one — Declares war on the forgetting of humanity

AI People joins Dubai’s Innovation One program: Declares war on the forgetting of humanity

07/22/2025 - Updated on 07/23/2025
XRP community

Ripple CEO reassures community after SWIFT selects rival blockchain for pilot

02/10/2026
Polygon Discord Channel Hacked, Throws Crypto Community in Turmoil

Polygon Discord Channel Hacked, Throws Crypto Community in Turmoil

2
Bitcoin reclaims $107,000 as Iran-Israel ceasefire cools market tensions

Bitcoin reclaims $107,000 as Iran-Israel ceasefire cools market tensions

2

Hello world!

1
Ethereum phishing scam

Ethereum phishing scam drains $999,999 after script recalculates exact balance

07/10/2026
Tether Brings USDT Stablecoin to UAE Real Estate Market

Aqua Labs co-founder says UAE tenants could pay rent in stablecoins within nine months as regulators near a finished framework

07/10/2026
Crypto Laundering Schemes

Interpol’s Operation First Light nets 5,811 arrests and a $122.5 million crypto wallet tied to romance scams

07/10/2026
Friday, July 10, 2026
  • Login
The Bit Gazette
  • Home
  • Crypto News
  • Expert Analysis
  • Finance
  • Tech
  • Sponsored
  • Press Release
  • Opinion
No Result
View All Result
The Bit Gazette
No Result
View All Result
Home Breaking News

Ethereum phishing scam drains $999,999 after script recalculates exact balance

The latest attack underscores how a single deceptive signature can wipe out an entire crypto wallet as approval phishing continues to surge in 2025.

by Elizabeth Omotoke
33 minutes ago
in Breaking News
Reading Time: 5 mins read
0
Ethereum phishing scam

Ethereum phishing scam

Share on FacebookShare on Twitter

A cryptocurrency holder lost 999,999 USDT on Ethereum after signing a malicious transaction approval that gave attackers unrestricted access to the wallet, blockchain security platform Scam Sniffer reported.

The incident is the latest reminder that approval-based phishing attacks remain one of the most effective tactics used by cybercriminals targeting digital asset investors.

Blockchain security platform Scam Sniffer reported that the victim lost 999,999 Tether (USDT) after signing what appeared to be a legitimate transaction request on the Ethereum network. The malicious approval enabled attackers to empty the wallet without requiring any additional authorization, illustrating how a single signature can result in catastrophic losses.

The theft comes as blockchain security firms continue to warn that phishing campaigns remain one of the largest sources of crypto-related losses this year, with hundreds of millions of dollars already stolen through similar schemes.

Ethereum phishing scam exploited wallet approval permissions

According to Scam Sniffer, the attackers initially attempted to withdraw a rounded figure of $1 million using multicall transactions. However, blockchain records showed that the transfer failed because the victim’s wallet balance was marginally below that amount.

Rather than abandoning the attack, the scammers quickly modified their automated script. Within seconds, the software recalculated the wallet’s exact balance and successfully transferred every remaining token.

“The script recalculated and pulled the exact remaining balance,” Scam Sniffer explained while analyzing the on-chain transaction.

The precision of the attack highlights how automated tools are increasingly being deployed by phishing groups to maximize stolen funds immediately after victims authorize malicious spending permissions.

Unlike private key compromises, approval phishing attacks rely on victims voluntarily signing transactions they mistakenly believe are harmless. Once unlimited spending permission is granted, attackers can transfer tokens from the wallet without requesting another signature from the owner.

The latest Ethereum phishing scam demonstrates how dangerous these approval requests have become, particularly as scammers continue refining their social engineering techniques.

Approval phishing remains one of crypto’s biggest security threats

Cybersecurity researchers have repeatedly identified approval phishing as one of the fastest-growing attack vectors across decentralized finance and self-custody wallets.

According to blockchain security firm CertiK, phishing attacks have resulted in approximately $723 million in losses across 248 separate incidents during 2025. Most of those attacks followed the same pattern: victims unknowingly signed malicious token approval requests that handed attackers unrestricted spending authority over their assets.

The persistence of these scams reflects a broader challenge facing the crypto industry, where transaction signatures often contain complex technical data that many users struggle to interpret.

Earlier this month, another investor reportedly lost around $1.65 million after connecting a wallet to a fraudulent cryptocurrency exchange and signing a malicious smart contract.

Researcher Ryan Coleman described how that attack unfolded.

“The approval gave attackers unlimited access, enabling an automated sweeper to drain funds,” Coleman said while discussing the incident.

Security firms have consistently advised wallet holders to avoid signing approval requests without carefully reviewing the requested permissions, especially when interacting with unfamiliar decentralized applications or websites.

As attacks become more sophisticated, the latest Ethereum phishing scam reinforces the importance of verifying every wallet prompt before confirming any transaction.

Separate on-chain risks continue exposing crypto investors

While phishing remains one of the industry’s largest security concerns, experts note that not every major crypto loss stems from malicious approvals.

Earlier this week, another trader reportedly lost nearly $2 million after executing an Ether swap through a decentralized exchange. In that case, the transaction was routed through a low-liquidity pool, allowing a same-block arbitrage opportunity that extracted most of the trade’s value.

Blockchain security company GoPlus Security said the incident was not linked to phishing but instead resulted from inefficient transaction routing during execution.

The distinction is important because it highlights the multiple technical risks users face when interacting with decentralized finance protocols. While phishing attacks depend on deceptive approvals, poor transaction routing can also produce devastating financial outcomes without any compromise of wallet permissions.

Together, the two incidents demonstrate that investors must pay close attention not only to the signatures they authorize but also to how transactions are executed across decentralized networks.

Although unrelated in their mechanics, both losses emphasize the importance of understanding blockchain interactions before confirming any on-chain activity.

Security experts urge greater caution before signing transactions

Blockchain security companies continue encouraging crypto users to adopt stricter security habits as phishing campaigns evolve.

Scam Sniffer recommends reviewing every wallet signature carefully instead of approving requests automatically. Users are also encouraged to verify website domains, avoid interacting with unsolicited links, and use browser extensions or wallet security tools capable of detecting suspicious approval requests before signatures are submitted.

Industry experts also recommend periodically reviewing and revoking unnecessary token approvals, reducing the likelihood that previously granted permissions can later be exploited by attackers.

The latest Ethereum phishing scam serves as another warning that even experienced cryptocurrency users can become victims of increasingly convincing social engineering attacks. As approval-based phishing campaigns continue generating enormous financial losses across the industry, cybersecurity firms expect attackers to remain focused on exploiting wallet permissions rather than attempting more technically complex network breaches.

With phishing-related losses already reaching hundreds of millions of dollars this year, the recent theft highlights why transaction verification has become one of the most critical habits for anyone managing digital assets. For crypto investors, taking a few extra seconds to examine a signature request may be the difference between completing a legitimate transaction and losing an entire wallet balance in an instant.

Tags: blockchainBlockchain Securitycrypto crimecrypto scamCrypto theftcrypto walletcryptocurrency fraudCryptocurrency Newscybersecuritydigital assetsethereumethereum securityphishing attackphishing scamweb3
Share196Tweet123
Elizabeth Omotoke

Elizabeth Omotoke

  • Trending
  • Comments
  • Latest
The Louvre needed police escorts to move crypto attendees: Decentralised money just decentralised the danger

The Louvre needed police escorts to move crypto attendees: Decentralised money just decentralised the danger

04/18/2026 - Updated on 05/25/2026
AI People joins Dubai’s innovation one — Declares war on the forgetting of humanity

AI People joins Dubai’s Innovation One program: Declares war on the forgetting of humanity

07/22/2025 - Updated on 07/23/2025
XRP community

Ripple CEO reassures community after SWIFT selects rival blockchain for pilot

02/10/2026
Polygon Discord Channel Hacked, Throws Crypto Community in Turmoil

Polygon Discord Channel Hacked, Throws Crypto Community in Turmoil

2
Bitcoin reclaims $107,000 as Iran-Israel ceasefire cools market tensions

Bitcoin reclaims $107,000 as Iran-Israel ceasefire cools market tensions

2

Hello world!

1
Ethereum phishing scam

Ethereum phishing scam drains $999,999 after script recalculates exact balance

07/10/2026
Tether Brings USDT Stablecoin to UAE Real Estate Market

Aqua Labs co-founder says UAE tenants could pay rent in stablecoins within nine months as regulators near a finished framework

07/10/2026
Crypto Laundering Schemes

Interpol’s Operation First Light nets 5,811 arrests and a $122.5 million crypto wallet tied to romance scams

07/10/2026
The Bit Gazette

Copyright © 2025 - The Bit Gazette.

Navigate Site

  • About
  • Advertise
  • Privacy & Policy
  • Contact

Follow Us

Welcome Back!

Login to your account below

Forgotten Password?

Retrieve your password

Please enter your username or email address to reset your password.

Log In
No Result
View All Result
  • Home
  • Crypto News
  • Expert Analysis
  • Finance
  • Tech
  • Sponsored
  • Press Release
  • Opinion

Copyright © 2025 - The Bit Gazette.