Title: Wallet Drainer Scam via Malicious Approval – Loss of ETH and USDT Category: Cryptocurrency Scam / Wallet Drainer / Phishing --- Victim Wallet Address: 0x0871480cbB465fBA3dDC05F0aF615642C29D95E3 Attacker Wallet Address: 0x870389502d0a41Fd9916922c8b5BE24801C55B0B --- Incident Date & Time: Approximately 6 days ago (around 22:00 local time, UTC+7) --- Summary of the Incident: I was a victim of a wallet drainer attack after interacting with a malicious smart contract. I unknowingly signed a transaction that granted approval to a malicious spender. Shortly after, my funds were drained without any further authorization. --- Relevant Transactions: 1. Approval / Malicious Interaction (ETH Transaction): 0x2f959981c02c147723bc7a106213a461e8505eeba421f5f2656d1e47a8f7f8df This transaction likely granted token spending permission (approve/permit) to a malicious contract. 2. Unauthorized USDT Transfer (Drain Transaction): 0xf688de177a6d90d42fff4d3efc1d5877cb79db756eea4782ad79e12f115a626c This transaction transferred USDT from my wallet to the attacker’s address using the previously granted approval. --- Assets Lost: - ETH (0.105) - USDT ($1265) --- Attack Description (Technical Flow): 1. Victim connected wallet to a malicious website or dApp. 2. Victim signed a transaction (likely approve/permit). 3. The malicious contract obtained spending rights over tokens. 4. Attacker executed transferFrom() to drain USDT and possibly other assets. 5. Funds were sent to attacker wallet: 0x870389502d0a41Fd9916922c8b5BE24801C55B0B --- Impact: Loss of funds (ETH and USDT) and full compromise of wallet security. --- Additional Notes: - This appears to be part of a broader wallet drainer pattern. - The attacker wallet may be linked to other victims. - Funds may have been moved, swapped, or bridged after initial receipt. --- Request: I request investigation into the attacker address and associated transactions. If possible, please flag this address and any related infrastructure to prevent further victims. --- Evidence: - Victim wallet address - Attacker wallet address - Transaction hashes listed above