$908K USDC stolen, 458 days after approval: ‘Your wallet security matters!’

ambcrypto发布于2025-08-03更新于2025-08-03

Key Takeaways

A user lost nearly $1 million in USDC to a scam tied to a malicious contract signed 458 days earlier. Experts warn that this delayed exploit trend is becoming a go-to strategy for crypto thieves.


A crypto user lost $908,551 in USD Coin [USDC] after falling victim to a wallet-draining scam that exploited a malicious contract approval signed over 15 months ago.

Source: X

According to onchain data, the victim approved a malicious smart contract on the 30th of April 2024, most likely through a fake airdrop or a phishing site disguised as a legitimate platform.

Following this, the scammer patiently waited for nearly 16 months before executing the final blow on the 2nd of August 2025, draining the victim’s wallet of nearly a million dollars in USDC.

How old wallet approvals can turn scary

The attack traced back to an ERC-20 approval that silently gave access to a scammer wallet “0x67E5Ae” linked to the pink-drainer.eth address.

The contract allowed token transfers without any further user confirmation.

According to Scam Sniffer, who flagged the incident on X, the theft occurred a staggering 458 days after the victim unknowingly approved the malicious transaction.

Soon after this, Scam Sniffer took to X and noted

“Regularly review and revoke old approvals – your wallet security matters!”

In this case, the compromised wallet had previously shown only minor, low-value activity, which likely helped it fly under the radar.

How did this start?

Things took a sharp turn on the 2nd of July.

The victim moved $762,397 USDC from MetaMask to a new wallet (0x6c0eB6) at 8:41 PM UTC.

Just ten minutes later, they topped it up with another $146,154 from a Kraken account. These movements were public on-chain and likely alerted the scammer.

Instead of acting right away, the attacker waited another month, likely to confirm no reversal or additional deposits. And then struck at 4:57 a.m. UTC on the 2nd of August.

The stolen funds were sent to an address labeled Fake_Phishing322880 and flagged by Scam Sniffer as malicious.

Scams getting smarter

This shows that the surge in crypto-related scams is growing more sophisticated by the day, as bad actors exploit both technology and trust.

From AI-generated deepfakes of Ripple executives to impersonated YouTube channels promoting fake XRP giveaways, scammers are leveraging realism to deceive unsuspecting users.

At the same time, the resurfacing of a colossal 16-billion-record credential leak has heightened the risks across platforms.

In one alarming instance, a targeted phishing attack used a blend of urgency, impersonation, and cross-platform manipulation to fool even a seasoned cybersecurity expert. 

Even experienced users have fallen prey.

Source: Galaxy

Even cybersecurity analyst Christopher Rosa fell for a phishing scam using spoofed emails, fake Coinbase calls, and coordinated social engineering.

The takeaway is blunt but vital: old approvals don’t expire, and attackers don’t forget.

Share

你可能也喜欢

XRP在数周下跌后出现罕见技术性买入信号——这次有何不同?

XRP在经历数周下跌后,首次于6月中旬以来出现SuperTrend买入信号,技术面短期有所改善。该指标此前曾预示过14%的涨幅,也识别出过去两次大幅下跌,显示其在关键转折点的可靠性。本次信号表明卖压缓解,买家重获短期控制权。 链上数据显示,XRP的持有者亏损达到历史极端水平:30日和365日MVRV比率分别降至-45%和-47%,意味着绝大多数投资者处于深度亏损状态。这种极端读数通常出现在长期抛售之后,反而可能改善长期风险回报比,为反弹创造条件。 然而,网络价值与交易量比率(NVT)在24小时内暴涨470.92%,达到194.71,表明市值增长远超链上实际交易量,估值与实用性出现背离。这引发了对网络强度可持续性的疑问,长期上涨需要更强的网络参与度来支撑。 价格方面,XRP成功守住了1.0385美元的关键支撑位,目前交易于1.1014美元附近。日线图显示MACD指标线已上穿信号线,柱状图转正,显示看跌压力减弱。上方主要阻力位在1.2352美元,突破后可能挑战1.3653美元;若再次受阻,焦点将重回1.0385美元支撑。 总体而言,XRP技术条件有所改善,但要确立更广泛的看涨趋势,仍需确认性突破上方阻力位。当前情况是极端的持有者亏损为反弹提供了空间,但网络活跃度滞后于价格涨幅,构成了主要隐忧。

ambcrypto52分钟前

XRP在数周下跌后出现罕见技术性买入信号——这次有何不同?

ambcrypto52分钟前

交易

现货
活动图片