- One phishing transaction signature costing 3M lost
- In July 2025, crypto hacks stole $147M
- It is very important to be vigilant on URLs and contract addresses.
A recent phishing scheme targeted a crypto investor and allowed attackers to drain his account by more than $3 million in USDT through a malicious transaction signature. The victim made a blind signing of a fraudulent transfer that totally emptied his or her wallet.
This underscores the severe risks that are present in the digital asset space. Lookonchain reported this on X, highlighting that people need to be more cautious when dealing with crypto transactions.
Source – X
Phishing Attack Drains $3M in Seconds
The victim received a deceiving link and upon opening it, the deception occurred by the signature of a transfer of 3.05 million USDT. Without fully understanding the transaction’s implications.
With this signature, the user unintentionally gave the hackers permission to clear his or her wallet in a matter of seconds. Lookonchain advised against accepting a transaction blind and checking all URLs and contract addresses against official sources.
Such crypto scams are getting increasingly common and economically disastrous. In July 2025, hackers stole an astonishing $147 million in crypto hacks, continuing an upward trend as they exploit user errors and system vulnerabilities. This steep increase in cyber theft of digital assets has alarmed security professionals.
July 2025: A Record Month for Crypto Hacks
In July, there were a number of notable breaches that affected the crypto ecosystem. At least 17 big hacks resulted in the theft of approximately $142 million worth of funds in the month, according to PeckShield, a blockchain security company, a rise of 27 percent compared to June.
The biggest individual hacks were a 44 million dollar heist on Indian exchange CoinDCX and a 42 million dollar exploit of the GMX platform. Though GMX recovered some of its stolen funds, it has yet to recover a significant amount, raising concerns among investors.
This is a change that is indicated by the increased rate and magnitude of attacks. The amount of hacking attacks carried out in the form of social engineering to access the backend of the application, phishing employees or users, instead of simply attacking smart contracts, is increasing.
The dynamic nature of the threat environment requires a higher level of security policies and user training to avoid the next wave of financial losses.
Phishing scams remain a primary vector for crypto theft. It is imperative that users not sign transactions in situations where they are unclear of the content included in the transaction.
This is important to check URLs, signature requests, and contract addresses twice. Examples of blockchain explorers, such as Etherscan, offer the fundamental tools of transparency when establishing the legitimacy of transactions prior to their approval.
