A user lost digital assets totaling $1.23 million after signing a malicious transaction. The incident occurred on the Ethereum network and resulted in the loss of a Uniswap V3 Position NFT. The event was reported by Scam Sniffer, an analytics platform specializing in detecting fraudulent activity.
What’s Happened
According to analysts, the affected user with the address 0x40055A8B7aC86ad8d56A5e7bab79984DB581dA4b signed a multicall transaction that included an embedded setApprovalForAll function call. This operation granted a phishing contract full permission to manage the user’s Uniswap V3-related NFTs.
Immediately after the approval, the assets were transferred to the attacker's address 0x3dc4b980fef45ab22f8a55b025ae9d19001d97b3 and subsequently withdrawn. The transaction can be viewed on Etherscan: etherscan.io/tx/0x0109...35fbd.
The Phishing Threat
Scam Sniffer emphasized that this case highlights the ongoing threat of phishing attacks in the crypto ecosystem. These schemes often disguise themselves as legitimate actions, embedding permission calls that users may overlook before signing.
Analysts are urging users to be extra cautious when interacting with smart contracts, especially when granting access permissions. It is recommended to use browser extensions that monitor potential threats and to avoid approving transactions from unverified or suspicious sources.
This post is for informational purposes only and is not an ad or investment advice. Please do your own research making any decisions.