On July 8, an unknown user lost 999,999 USDT after signing a phishing transaction on the Ethereum network. The incident was highlighted by Scam Sniffer analysts.
— Scam Sniffer | Web3 Anti-Scam (@realScamSniffer) July 9, 2026
Initially, the attackers attempted to withdraw exactly 1 million USDT using a multicall function, but later they drained the exact remaining balance through several transactions.
The theft was executed in three transactions: 639,999 USDT, 159,999 USDT, and 200,000 USDT.
On Etherscan, the recipient's address is flagged as phishing.
Scam Sniffer advised cryptocurrency users to double-check all signature requests before approval, avoid hasty transactions, and use specialized tools like extensions to detect scams.
A similar incident occurred on July 4, where a wallet owner lost $1.65 million after connecting to a fake exchange and signing a malicious contract.
A wallet holder lost $1.65M after connecting to a fake exchange and signing a malicious contract. The approval gave attackers unlimited access, enabling an automated sweeper to drain funds. Always verify contracts and revoke unused token approvals. pic.twitter.com/MbwJx2CHSe
— Ryan C. Coleman (@RyanColeXBT) July 3, 2026
"The approval gave attackers unlimited access, allowing an automated sweeper to drain the wallet. Always verify contracts and revoke unused token approvals," noted researcher Ryan Coleman.
It’s worth mentioning that in the first six months of 2026, the crypto industry lost $1.32 billion due to security incidents, according to CertiK. In the first quarter, phishing was the largest source of losses.
