Security firm CertiK reported that a hacker withdrew $340 000 in USDC by exploiting an approval given in 2020.

What happened

According to the report, the wallet owner signed an approval on a phishing site in 2020, granting token transfer rights to a malicious contract.

The attacker kept the approval unused for years, monitored the address, and executed a single transaction when balances grew significantly.

That solitary operation allowed the actor to move the entire USDC balance from the address, resulting in a loss of $340 000.

Security recommendations

Experts remind users to periodically review and revoke unnecessary permissions in wallet settings and to avoid interacting with unverified dApps and links.

• Audit token approvals regularly and revoke unused allowances through trusted interfaces.
• Confirm domains and contract addresses before granting permissions to any application.
• Prefer hardware wallets for long-term storage of large balances and enable additional on-chain safeguards.

CertiK's findings underscore that old approvals remain a persistent risk and that proactive permission management helps reduce exposure to delayed exploits.