- Web3 Antivirus highlighted that stETH and aEthWBTC cryptocurrencies worth over $6.5 million were drained.
- Funds were drained through malicious approvals.
- Another wallet had earlier lost ETH, LINK, DAI, and WBTC because of an address poisoning scam.
Cryptocurrencies worth more than $6 million have been drained from a DeFi wallet. A malicious actor was able to transfer stETH and aEthWBTC through illegitimate approvals. A victim had earlier lost their funds via an address poisoning scam. Binance Founder Changpeng Zhao recently underlined how hackers were beginning to approach victims in a creative manner.
DeFi Wallet Loses Over $6M Worth of Cryptocurrencies
According to an X post by Web3 Antivirus, a DeFi wallet that had been active for 4.5 years was drained through malicious approvals. The user reportedly lost stETH and aEthWBTC worth more than $6.5 million. The stolen stETH alone was worth around $4 million, with aEthWBTC making up the rest of the amount.
We’ve detected one of the largest wallet drainers in recent months, with total losses now surpassing $6.5M.
The victim wallet had been active for 4.5 years, trading and investing across DeFi, with significant activity on protocols like Lido and Aave. Despite this long history,… pic.twitter.com/Zfp9YhRGYj
— Web3 Antivirus (@web3_antivirus) September 18, 2025
Malicious approvals happen when users unknowingly grant a smart contract access to their tokens by approving a transaction. Web3 Antivirus recommended that users verify permissions before granting them. It added that users should also consider revoking permissions that are no longer required. The incident highlights that in Web3 the only way to stay protected is to prevent a malicious incident from happening in the first place.
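The permission check recommended above can be automated before signing. The following is an added example, not code from Web3 Antivirus or the original article: it decodes a pending transaction's calldata and warns on token approvals to unrecognized spenders. It assumes the approval is a standard ERC-20/ERC-721 call (the article does not say which approval method was used), and the addresses and trusted list are constructed placeholders.

```python
# Selectors: first 4 bytes of keccak256(signature). Added example, not from the article.
APPROVAL_SELECTORS = {
    "095ea7b3": "approve(address,uint256)",
    "39509351": "increaseAllowance(address,uint256)",
    "a22cb465": "setApprovalForAll(address,bool)",
}
MAX_UINT256 = 2**256 - 1

# Constructed sample input; these addresses are placeholders, not from the incident.
UNKNOWN_SPENDER = "0x" + "11" * 20
TRUSTED_SPENDER = "0x" + "22" * 20
SAMPLE_UNLIMITED = "0x095ea7b3" + UNKNOWN_SPENDER[2:].rjust(64, "0") + "f" * 64


def decode_approval(calldata_hex):
    """Return (function, spender, amount), or None if this is not an approval call."""
    data = calldata_hex.lower().removeprefix("0x")
    name = APPROVAL_SELECTORS.get(data[:8])
    if name is None:
        return None
    args = data[8:]
    if len(args) < 128:
        raise ValueError("truncated approval calldata")
    # Each ABI argument is one 32-byte word; an address is its low 20 bytes.
    return name, "0x" + args[24:64], int(args[64:128], 16)


def review_transaction(calldata_hex, trusted_spenders):
    """Return the warnings a wallet should show before the user signs."""
    decoded = decode_approval(calldata_hex)
    if decoded is None:
        return []
    name, spender, amount = decoded
    if amount == 0:
        # approve(spender, 0) and setApprovalForAll(operator, false) revoke access.
        return []
    warnings = []
    if spender not in {s.lower() for s in trusted_spenders}:
        warnings.append(f"{name}: spender {spender} is not on the trusted list")
    if name == "setApprovalForAll(address,bool)":
        warnings.append("operator gains control of every token in the collection")
    elif amount == MAX_UINT256:
        warnings.append("unlimited allowance: spender can move the full balance")
    return warnings


if __name__ == "__main__":
    for line in review_transaction(SAMPLE_UNLIMITED, [TRUSTED_SPENDER]):
        print("WARNING:", line)
```

A zero amount is treated as a revocation and produces no warning, which matches the advice to revoke permissions that are no longer needed.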
Web3 Antivirus Earlier Reported Address Poisoning Scam
Web3 Antivirus earlier reported an address poisoning scam. It said that scammers slipped a victim a lookalike address before multiple malicious transactions were executed. The funds stolen were ETH, LINK, DAI, and WBTC. While Web3 Antivirus did not mention the value of the drained funds, it said that the assets were lost within minutes.
This victim’s wallet has just been hit hard by a series of address poisoning scams, losing multiple assets within mins.
Scammers slipped in lookalike addresses and drained funds in $ETH, $LINK, $WBTC and $DAI, one transaction after another.
This is exactly what happens when… pic.twitter.com/KVNSlH9B9o
— Web3 Antivirus (@web3_antivirus) September 18, 2025
Web3 Antivirus recommended using pre-sign protection to avoid a scam of this kind. It added that users should also verify the wallet address. Mechanisms like pre-sign protection alert users before they sign a transaction to a poisoned address.
Binance Founder Changpeng Zhao Also Flagged Hacking Advancements
Changpeng Zhao, Founder of Binance, recently flagged creative ways in which attackers were gaining a foothold in the crypto market. He explained that hackers were posing as employers and employees to gain data access. Also known as CZ, Zhao added that hackers pose as users and send customer support requests that then download viruses onto a device.
A report by Chainalysis has highlighted that more than $2.17 billion worth of funds had been drained by the middle of 2025. A large number of victims hailed from the US, Russia, Germany, Indonesia, Japan, and South Korea. Chainalysis’s report also noted the Bybit incident, in which the DPRK drained $1.5 billion worth of funds.