A crypto user has fallen victim to a phishing scam, losing $3.05 million in USDT, sending shockwaves through the crypto community. The attack involved a malicious ERC-20 token transfer that exploited vulnerabilities in the user’s crypto trading activity.
Blockchain analytics platform Lookonchain reported the incident, highlighting the sophisticated tactics behind the scam. The case underscores the growing threat of phishing attacks in the digital asset space and serves as a warning for traders to remain vigilant when handling token approvals and transfers.
How did it happen?
The attacker exploited a signed transaction that the victim unknowingly approved on April 30, 2024, giving them long-term access to the wallet. Linked to the address 0x67E5Ae, the attacker waited for the wallet’s balance to grow before striking. On August 5, 2025, at 6:28 PM UTC, they drained $3.05 million in USDT (Tether).
Investigators believe the scam involved a fake airdrop or misleading token transfer that lulled the victim into a false sense of security. Records show the victim received 33,839 aETHUSDT tokens, while the attacker withdrew 3,087,821 aETHUSDT.
Crypto phishing attacks like this are on the rise. Just recently, another user lost nearly $1 million to a similar scheme, where a phishing approval signed 458 days earlier was later exploited after the victim visited a fake website mimicking a trusted platform, according to Scam Sniffer.
New Tactics, Same Damage
Scammers are increasingly exploiting token approvals to gain long-term control over victims’ wallets. Experts stress the importance of strong security practices, recommending that users regularly revoke token approvals using platforms like Revoke.cash.
Users should also carefully verify transactions before signing and consider hardware wallets for added protection. Staying alert and informed is critical in the fast-changing world of cryptocurrency.
The $3.05 million theft highlights the growing seriousness of crypto phishing attacks. Other recent cases include a $4 million hack of a Coinbase user in June 2025, where a scammer posed as customer support and tricked the victim into creating a wallet on a fake website, ultimately draining their funds.
As digital asset adoption grows, robust security measures and constant vigilance are essential for protecting crypto holdings.