How It Works
The attack typically begins when a user connects a wallet to a malicious or compromised website. By approving an “unlimited allowance” transaction, they unintentionally grant the attacker ongoing access to their tokens. Later, the hacker uses a hidden contract to drain assets without requiring additional approvals.
Real-World Cases
- Hundreds of NFT holders have lost collections through sites that mimicked marketplaces like OpenSea.
- Even official Discord servers have been hijacked to spread malicious links leading to drains.
- Regularly use services like Revoke.cash to review and remove old approvals.
- Avoid storing valuable tokens or NFTs in hot wallets.
- Check the actual code of a transaction whenever possible, not just the front-end display.
- Use a hardware wallet for signing, which provides an added layer of protection.
Today’s hacks rely less on brute force and more on social engineering combined with invisible permissions. Always double-check what you are granting access to. In crypto, a single careless approval can cost you an entire portfolio.