Guavy AI Editorial TeamSentiment: -4.5Clout: 42

$1M Stolen via Ethereum Token Approval Phishing Attack

A malicious token approval on Ethereum led to the theft of nearly $1 million in USDT from a crypto wallet. The attack occurred when the owner signed a seemingly routine approval request, which in fact granted attackers permission to move tokens from the wallet.

According to Scam Sniffer, the attackers first tried to pull approximately $1 million via multicall transactions but failed due to the wallet's lower balance. They then recalculated and successfully drained 999,999 USDT out of the wallet a few seconds later.

The incident highlights the growing threat of approval phishing in crypto, which has siphoned off hundreds of millions from users this year. Researchers call it one of the most persistent social-engineering threats in crypto, as users can unintentionally grant unlimited spending permission by approving ERC-20 approvals or malicious smart contracts.