- Crypto user loses $908K USDC following a phishing scam.
- Scam occurred after 15 months of inactive approval.
- Highlights need for regular wallet permission audits.
A crypto user suffered a loss of $908,551 in USDC on August 2, 2025, due to a delayed wallet-draining scam executed via a phishing scheme linked to pink-drainer.eth.
The incident underscores ongoing risks related to on-chain permissions, urging crypto users to audit smart contract approvals to prevent financial exploitation.
The attacker used address pink-drainer.eth, known in similar scams. However, no links to well-known individuals have been identified. The on-chain security firm Scam Sniffer alerted the community to the incident.
Incident Overview
The funds were stolen post-deposit from a MetaMask and Kraken wallet totaling $762,397 and $146,154, respectively. The sharp USDC outflow didn’t impact market metrics like TVL or staking. Similar scams using long-term approvals have been reported, highlighting the need for diligent approvals management. This incident highlights a challenge for crypto users regarding persistent on-chain approvals.
Stolen funds were transferred to pink-drainer.eth after 458 days of dormant approval. A sobering reminder to regularly review wallet permissions before introducing fresh capital. – Scam Sniffer Alert
Security Implications and Recommendations
The delayed execution of the fraud underscores the importance of routine checks for token allowances. Financial experts stress the significance of regular wallet audits to prevent unauthorized access. Historical analysis indicates a pattern in delayed phishing scams, with many users falling prey to such tactics. The governance or DeFi tokens remained unaffected by this event.
| Disclaimer: The content on The CCPress is provided for informational purposes only and should not be considered financial or investment advice. Cryptocurrency investments carry inherent risks. Please consult a qualified financial advisor before making any investment decisions. |
