Physical Address
304 North Cardinal St.
Dorchester Center, MA 02124
Krypto user lost $ 908,551 to fraud with wallets 458 days after the unconscious signature of harmful approval transactions, onchain data shows.
The attack came from the ERC-20-20-like transaction, signed via a phishing site or a false AirDropu-, which provided Scammer’s wallet “0x67e5Ae”, continuing permission to access the victim’s resources.
Scammer-connected with a notorious pink dear address-theft of 2 August at 4:57 in the morning UTC, stealing USDC worth $ 908,551 (USDC) Stablecoin, fraud sniffer pointed Out on the X. Theft came 458 days after the victim signed a transaction of phishing approval 30 April 2024.
The security incident has forced Scam Sniffer to remind the crypt users to “check and cancel old approval regularly”, otherwise, hard -earned funds can be endangered.
“It depends on your security security,” he added.
Scammer’s patience paid off
Only a month ago the victim’s wallet was noticed and kept in low value – it did not reduce the attacker any motivation to conduct.
This changed on July 2, when the victim deposited $ 762,397 to Metamask wallet At 20:41 UTC.
Ten minutes later another $ 146,154 in USDC was transferred to the same wallet for A crackling wallet.
Related: Bitcoin robbery 3.5 B since 2020 retroactively exposed – Arkham Intel
Scammer probably watched the wallet in the next month and waited to see other funds into it before he decides to drain the funds in one transaction on August 2.
This delayed strike is a determining feature of phishing approval attacks: fraudsters are waiting for months and only intervene when the balance of the victim is useful.
Tools already exist to prevent these attacks
In order to help prevent these attacks, Ethereum users can use to review and cancel unnecessary approval of the Etherscan’s token Checker tokens gas fee.
Bad actors and cheaters stole over $ 142 million from the crypto space in July on at least 17 separate attacks, with exploitation Crypto Exchange Coindcx Accounting for the most important loss.
Magazine: Inside 30,000 Party Boot Boots to steal crypto AirDrops from real users
