A cryptocurrency investor lost $3.05 million in Tether (USDT) after signing a malicious blockchain transaction, according to Lookonchain’s Wednesday alert.
The trader victim gave a “yes” to a scam transaction that drained their wallet by stealing a common habit of verifying only the first and last few characters of an address.
The hacker then moved and stole the stolen funds somewhere offshore, showing both personal privacy and security risks in the crypto industry.
The Heist
Lookonchain posted a warning on social media, writing, “Someone fell victim to a phishing attack, signed a malicious transfer, and lost 3.05 M USDT! Stay alert, stay safe. One wrong click can drain your wallet. Never sign a transaction you don’t fully understand. Double-check the URL, double-check all signature requests. Verify contract addresses from official sources.”
The loss underscores how a single click can cost millions.
A Common Trap
The attacker relied on design quirks in wallet interfaces that mask the middle characters of an address. Many users scan only the start and end of an address string before signing.
In this case, that habit allowed the scammer to slip in a fraudulent contract request. Once approved, the transaction is completed automatically, leaving no recourse for the user.
Rising Threats
Phishing scams in crypto often use social engineering rather than code exploits. Fraudsters send crafted links or clone popular dApps to trick users into granting permissions.
Just days before this incident, another user lost over $900,000 to a similar scam, approving a malicious smart contract that siphoned funds more than a year after the contract was created.
Past Incidents
In May, a large “wallet poisoning” exploit drained $71 million from victims’ accounts. Unusually, the attacker later returned the funds after blockchain sleuths traced a possible IP address back to Hong Kong.
That incident showed both the power of on-chain transparency and the need for caution when signing transactions.
Fake Ads and Ongoing Schemes
Beyond phishing links, fake advertisements have begun to resurface. Scam Sniffer reported bogus “Hyperliquid” ads appearing at the top of Google results.
These ads mimic the branding of the real trading platform, luring traders to malicious sites where they risk exposing private keys or signing harmful contracts.
Historic Losses
Blockchain analytics firm Arkham Intelligence reminded the community of a 2020 hack on the Chinese mining pool LuBian.
As UnoCrypto reported, in December of that year, thieves made off with 127,426 BTC, worth about $3.5 billion at the time and nearly $14.5 billion today. That heist remains one of the largest crypto thefts on record.
Lessons and Warnings
Experts advise users to review all details of transactions prior to signing. That involves hovering over links, checking each letter of wallet addresses, and interacting only with fully audited contracts. Hardware wallets and multi-factor authentication may provide additional layers of security.
wallet and dApp builders are under pressure to enhance user interfaces. Displaying full addresses, including explicit contract previews, and implementing warnings on large transfers might minimise risk.
There are some platforms that are seeking out built-in phishing detectors that identify suspect contracts in real time.
Community Response
These events have been embraced by the crypto community, which posted best practices on forums and social media.
Lookonchain’s tweet received thousands of views and retweets and instigated discussions about striking a balance between ease of use and security.
Also Read: Crypto User Falls Victim to $150K Phishing Attack Amid Rise in Scam Transactions