On July 9, 2026, one wallet lost $998,000 in USDT. The attacker didn't steal a private key, didn't hack a smart contract, and didn't exploit a zero-day. They simply asked the victim to sign an approve transaction—and the victim did. This isn't a bug. It's a feature of ERC-20's design, weaponized with Multicall.
Context: The ERC-20 Approval Paradox
The ERC-20 token standard introduced in 2015 gave us composability—Uniswap, Aave, Curve all depend on the approve/transferFrom mechanism. But it also created a permanent attack surface: any contract you approve can drain your entire balance of that token. The protocol assumes trust, but trust is the most expensive asset in crypto.

Over the past year, phishing attacks using fake approve requests have surged 200% according to Scam Sniffer. The victim in this case likely interacted with a malicious dApp that requested a standard approve for USDT. What made this different? The attacker used Multicall—bundling the approval and multiple transferFrom calls into a single transaction. The wallet alarm fired once, showing a generic "approve unlimited USDT" warning—standard. But behind that single signature, three separate 333,000 USDT transfers were executed within seconds. The alarm was blind to the bundled actions.
Core: Order Flow Analysis—How Multicall Broke the Warning
Let's break down the on-chain mechanics. The attacker deployed a tiny contract (0xAbC...). The victim signed an approve for that contract for the maximum uint256 allowance. The attacker then called a Multicall—an Ethereum-native feature that allows batching multiple calls into one transaction. The sequence: 1. transferFrom(victim, attacker1, 333k USDT) 2. transferFrom(victim, attacker2, 333k USDT) 3. transferFrom(victim, attacker3, 332k USDT) 4. sweeps all to mixer.
From the wallet's perspective, it's a single outgoing transaction to the attacker's contract. Standard security tools check: "Is this address flagged? Is the function dangerous?" The address was fresh—no history. The function was approve—common. The Multicall allowed the attacker to hide the actual asset movement behind a single signature.
This isn't an exploit—it's a design weakness. ERC-20 allows infinite approvals by design. The real problem is that wallets simulate token-level effects but not the full execution tree. The victim saw "Approval for USDT to 0xAbC" and thought "I've done this before." But the attacker's contract wasn't just requesting permission; it was executing the permission instantly via the bundled calls.
Code is law, but bugs are justice. In this case, the bug isn't in the code—it's in the mental model. The user thinks "I approve, then review." The attacker knows "approve is the only signature needed."
Contrarian: The Retail vs. Institutional Blind Spot
The common narrative is "users need to be more careful." That's victim-blaming masked as advice. Let's look at the structural issue: The ERC-20 standard was designed for a world where every contract interaction is atomic. In 2026, with automated market makers, flash loans, and cross-chain intents, the approval token is the weakest link. Institutions solve this by using multi-sig, hardware wallets with strict whitelists, and transaction simulation. But retail users don't have that luxury.
The contrarian angle: The approval mechanism itself is the vulnerability, not user negligence. Every wallet that allows an "unlimited approve" is a ticking bomb. The attacker knows that a single signature can drain everything. Retail thinks "I'll revoke later." Smart money knows later is too late—hence they use per-transaction approve limits or separate addresses for each protocol. The real blind spot is that the entire DeFi composability model relies on permissionless approvals. It's like building a city where everyone leaves their front door unlocked because the landlord said it's convenient.
Greeks don't care about your feelings—they care about delta. The delta here is the approval limit. If you approve max unlimited, your delta exposure to that contract is 100%. The attack vector isn't the security of the contract, but the latency between approval and execution. In a bull market, users are FOMOing into new farms and minting—signing approvals without thinking, because speed matters. The attacker front-runs that speed with automated bots.
Takeaway: What the Numbers Say
This isn't a one-off. Scam Sniffer reported that phishing losses in 2026 have already exceeded $300M, with a 200% increase in high-value individual thefts. Attackers are now scanning for wallets with high token balances and low history of revocation. They don't need to hack smart contracts; they just need to clone a legitimate dApp UI and ask for an approval.
The actionable insight: Do not approve unlimited allowances. Use per-approval (e.g., approve exact amount needed) or use a wallet that forces per-transaction limits. Check the "allowance" function on Etherscan after every interaction. Use a tool like Revoke.cash weekly. If you're a high-value wallet, consider a separate hot wallet with minimal funds for approvals only, and a cold wallet for storage.
The market will continue to treat these as isolated incidents until wallets and protocols enforce mandatory simulation warnings for any approve call. But until then, the attack surface grows with every new user. The next $1M victim could be you.
NFT floor is a feeling, not a number. But your token balance is a number—protect it.
— Chris Moore