Phishing Scam Drains $3.05M USDT from Crypto Wallet

A crypto user lost $3.05 million in USDT after approving a malicious transaction in a sophisticated phishing attack. On-chain security firms Lookonchain, PeckShield and Scam Sniffer traced the theft to a phishing contract that tricked the victim into signing a transfer of Aave-wrapped USDT (aEthUSDT). Scam Sniffer warned that attackers exploit EIP-7702 upgraded addresses and batch transfers routed through the Uniswap Universal Router to mimic legitimate swaps. This follows a prior case where over $908,000 was drained from an approval signed 458 days earlier, highlighting the ongoing danger of old on-chain approvals. According to a Bitget report, crypto scams cost $4.6 billion in 2024, with AI-enabled fraud accounting for nearly 40% of large-scale drains. Users are urged to double-check every transaction, revoke outdated permissions and verify URLs to guard against phishing attacks. Emerging initiatives by Bitget, SlowMist and Elliptic aim to disrupt fraud networks, but vigilance remains essential.