Ethereum phishing scam drains nearly $1 million from crypto wallet
A crypto user has lost nearly $1 million after approving a malicious Ethereum transaction that gave scammers access to drain almost the entire wallet balance, adding to hundreds of millions of dollars in phishing losses recorded this year.
- A crypto user lost nearly $1 million after approving a malicious Ethereum transaction that allowed scammers to drain the wallet.
- Phishing scams caused $723 million in losses across 248 incidents in 2025 as approval based attacks continued targeting crypto users.
- The latest theft follows another multimillion dollar onchain loss, highlighting separate risks from phishing approvals and flawed transaction routing.
According to blockchain security platform Scam Sniffer, the victim lost 999,999 Tether (USDT) in an Ethereum phishing token approval scam on Wednesday after signing a malicious approval request.
On-chain data showed the attackers first attempted to withdraw a rounded $1 million through multicall transactions, but the transfer failed because the wallet held slightly less than that amount.
Seconds later, the attackers adjusted their script and successfully withdrew the wallet’s exact remaining balance.
“The script recalculated and pulled the exact remaining balance,” Scam Sniffer said.
Phishing approvals continue draining crypto wallets
Security researchers say approval phishing remains one of the most common social engineering attacks in crypto because users unknowingly grant unlimited spending permissions while believing they are approving a harmless transaction.
According to blockchain security firm CertiK, phishing scams caused $723 million in losses across 248 incidents during 2025. In these attacks, victims are typically tricked into signing malicious token approvals, allowing attackers to move funds from their wallets without requiring another signature.
The latest incident follows another major wallet compromise reported earlier this month. In that case, a crypto holder lost about $1.65 million after connecting to a fake exchange and signing a malicious smart contract.
“The approval gave attackers unlimited access, enabling an automated sweeper to drain funds,” researcher Ryan Coleman said on Friday.
The latest phishing loss comes only days after another high-profile onchain incident highlighted a different risk facing crypto users. Earlier this week, a trader lost nearly $2 million after a decentralized exchange routed an Ether swap through a low-liquidity pool, allowing a same-block arbitrage trade to extract most of the transaction’s value.Â
According to GoPlus Security, the loss was caused by transaction routing rather than phishing, prompting researchers to urge users to review execution paths carefully before confirming onchain transactions.
Scam Sniffer advised users to carefully review every signature request, avoid rushing approvals and use scam detection tools or browser extensions before signing wallet transactions.