A crypto user lost $5,000 from a hot wallet in a hotel after making “stupid mistakes,” like using open WiFi and approving a routine wallet request. Attackers combined network tricks with social cues to drain funds days later, as analyzed by security firm Hacken for Cointelegraph. Hotel WiFi poses a threat.

The attacker exploited open networks like the hotel’s to inject malicious JavaScript into legitimate websites, targeting the victim, who was discussing crypto holdings in a public phone call. The victim’s signed approval of a seemingly normal transaction allowed the attacker to drain the wallet of Solana and other tokens. Talking crypto in public can paint a target.

The attack fit a class of approval abuse, where attackers obtain permissions and wait before executing transfers. The victim’s secondary hot wallet was emptied of SOL and tokens after a single approval. Users are advised to treat public networks as hostile, transact from secure devices, and never discuss holdings or wallet details in public.

Read more at Cointelegraph: How a Wallet Approval Wiped a Crypto Wallet