Crypto Trader Bleeds $908K in Elaborate 458-Day-Old Fake Transaction Scam
Another day, another 'trustless' system proving anything but. A crypto trader just got schooled in blockchain's oldest magic trick—the long con.
How? A transaction that never happened... 458 days ago.
Somewhere between 'code is law' and 'not your keys, not your crypto,' we forgot the golden rule: On-chain sleight-of-hand beats diamond hands every time. The scam? Impeccable. The execution? Flawless. The victim's due diligence? Apparently stored offline—permanently.
Pro tip: If your 'trustless' system requires blind faith in 15-month-old metadata, maybe reconsider your life choices. Or at least hire a blockchain archaeologist.
Bonus jab: Traders losing six figures to phantom transactions? The real miracle is that anyone still believes 'crypto = efficiency.'
Scammer strikes 458 days later as dormant wallet springs to life
The scammer’s wallet had a disreputable pink-drainer.eth address, “0x67E5Ae”, where the stolen $908,551 worth of USDC stablecoin was received. The attack was carried out on August 2 at 4:57 AM UTC, according to Scam Sniffer’s X post. This was 458 days, just after the victim accidentally approved a transaction that appeared to be legit on April 30, 2024.
The unexpected attack has raised security concerns among crypto users. To address this, Scam Sniffer, a firm that keenly monitors malicious activities in the crypto space, called for the urgency of digital asset users taking caution before approving the transactions.
According to the firm, users should check their approvals often. For the old ones, they should cancel them to avoid exposing their funds to scammers, emphasizing the importance of their wallet security.
In the highlighted case, the compromised wallet had only seen minimal, low-value transactions up until a month before the theft, making it unlikely to attract immediate attention from scammers.
The user decided to MOVE $762,397 into a wallet with the address 0x6c0eB6 from a MetaMask wallet on July 2 at 8:41 PM UTC.
Ten minutes later, the user transferred another $146,154 in USDC to the same wallet from a Kraken account.
At this time, the scammer was monitoring the movement of the funds, waiting for the right time to attack while giving the user more time to see if she or he could add more funds to the wallet. The attack took place on August 2.
Crypto fraud attack raises tension among investors
Investigators noted that the scammer used tactics typical of a phishing approval attack, closely monitoring the victim’s transactions before executing the theft.
Following such attacks, crypto authorities included stricter measures users should take while approving transactions. For example, they have introduced Etherscan’s Token Approval checker for ethereum users, enabling them to review and cancel any token approval that is not needed. However, each cancellation process is charged a gas fee.
Meanwhile, research from sources reveals that in July alone, the total stolen funds amounted to more than $142 million in the crypto ecosystem. This involves at least 17 attacks, with crypto exchange CoinDCX suffering the highest losses.
Still, crypto users are worried about the security of their funds. Some have highlighted that this scammer has not been identified and arrested, which makes them even more worried. Others have called for more security measures to be effected.
Get seen where it counts. Advertise in Cryptopolitan Research and reach crypto’s sharpest investors and builders.
