A joint cybercrime investigation by the U.S. Secret Service and Canadian officials has uncovered a complex Ethereum scam that led to $4.3 million in losses from compromised digital wallets. Announced Wednesday, the collaborative mission—dubbed Operation Avalanche—aimed to protect victims of so-called “approval phishing” attacks.
The operation brought together U.S. investigators, Canadian police departments, crypto exchanges, securities regulators, and blockchain analysts to track stolen funds and identify affected wallet addresses. Once compromised wallets were located, authorities issued targeted warnings to alert users about unauthorized approvals that allowed scammers to siphon tokens without private key access.
Unlike traditional hacks that require access to a user’s private keys, approval phishing exploits token authorization systems built into many Ethereum-based smart contracts. Victims are tricked into granting permissions to malicious actors via fake interfaces or deceptive popups—giving attackers full control to drain assets without triggering suspicion.
In this case, criminals deployed counterfeit websites and lured users into unknowingly signing on-chain approvals that enabled remote token extraction from legitimate wallet apps.
Secret Service Targets Crypto Crime Globally
The Secret Service, whose mandate includes protecting the financial infrastructure of the United States, has been increasingly active in combating crypto crime. Just last month, the agency seized domains linked to Russian crypto exchange Garantex and froze multiple associated assets.
Their latest campaign tackles approval phishing—a scam that doesn’t rely on stolen passwords or private keys. Instead, victims are tricked into granting token approvals via seemingly legitimate websites or apps. Once the permission is given, scammers gain the ability to remotely drain wallets without needing full access credentials.
These attacks are subtle, often bypassing common security alarms, and require victims to manually revoke approvals to stop further losses. The collaborative efforts of U.S. and Canadian authorities demonstrate how coordinated global action can neutralize such emerging threats before they scale.
Special Agent in Charge Matt McCool highlighted the growing importance of international collaboration in fighting sophisticated blockchain scams.
“Our analysts from the Washington Field Office provided Canadian officials with the help needed to disrupt this scheme and prevent bad actors from continuing to receive stolen funds,” McCool said.
“We will continue working with Canadian law enforcement and financial partners to identify and seize stolen assets to return to victims.“
With blockchain crime growing more complex, both regulatory and law enforcement entities are signaling an intensified focus on prevention, recovery, and digital financial integrity.
The rise in cryptocurrency adoption has been paralleled by an increase in related scams. Phishing attacks, in particular, have become more prevalent, with fraudsters employing increasingly sophisticated methods to deceive users. Authorities urge individuals to exercise caution, verify sources, and employ robust security measures when dealing with digital assets.
Quick Facts
- A joint U.S.-Canada operation dismantled a $4.3 million Ethereum phishing scam
- Fraudsters used fake websites to trick users into giving token approvals
- International collaboration was key to identifying the perpetrators
- Authorities advise increased vigilance against crypto-related scams
