Share

Crypto User Loses $3.05M to Malicious Phishing Transfer Attack

The hacker waited for the victim's wallet to increase in value before acting. This follows a growing trend of similar recent cases.
Ephraim Emmanuel
Last updated:
6 August 2025 @ 12:04 UTC
Why Trust CTW

CTW is a fresh voice in the world of cryptocurrency, offering clear and insightful coverage of the ever-evolving digital asset landscape. Backed by a team of passionate writers and crypto enthusiasts, we dive deep into market trends, emerging technologies, and innovative blockchain projects. We hope to become your go-to source for up-to-date information in this fast-paced industry.

Crypto scam

Share

A crypto user has fallen victim to a phishing scam, losing $3.05 million in USDT, sending shockwaves through the crypto community. The attack involved a malicious ERC-20 token transfer that exploited vulnerabilities in the user’s crypto trading activity.

Blockchain analytics platform Lookonchain reported the incident, highlighting the sophisticated tactics behind the scam. The case underscores the growing threat of phishing attacks in the digital asset space and serves as a warning for traders to remain vigilant when handling token approvals and transfers.

How did it happen?

The attacker exploited a signed transaction that the victim unknowingly approved on April 30, 2024, giving them long-term access to the wallet. Linked to the address 0x67E5Ae, the attacker waited for the wallet’s balance to grow before striking. On August 5, 2025, at 6:28 PM UTC, they drained $3.05 million in USDT (Tether).

Investigators believe the scam involved a fake airdrop or misleading token transfer that lulled the victim into a false sense of security. Records show the victim received 33,839 aETHUSDT tokens, while the attacker withdrew 3,087,821 aETHUSDT.

Crypto phishing attacks like this are on the rise. Just recently, another user lost nearly $1 million to a similar scheme, where a phishing approval signed 458 days earlier was later exploited after the victim visited a fake website mimicking a trusted platform, according to Scam Sniffer.

New Tactics, Same Damage

Scammers are increasingly exploiting token approvals to gain long-term control over victims’ wallets. Experts stress the importance of strong security practices, recommending that users regularly revoke token approvals using platforms like Revoke.cash.

Users should also carefully verify transactions before signing and consider hardware wallets for added protection. Staying alert and informed is critical in the fast-changing world of cryptocurrency.

The $3.05 million theft highlights the growing seriousness of crypto phishing attacks. Other recent cases include a $4 million hack of a Coinbase user in June 2025, where a scammer posed as customer support and tricked the victim into creating a wallet on a fake website, ultimately draining their funds.

As digital asset adoption grows, robust security measures and constant vigilance are essential for protecting crypto holdings.

Ephraim Emmanuel

Enter your email for our Free Daily Newsletter.

Newsletter Subscribers (Home Footer}