One of my known person's wallets has been hacked a few days back. Then he contacts Metamask about how it has happened. They said the metamask was connected to a couple of sites for a long time and users didn't disconnect wallets.
I'm sorry to hear that, but it really was user error. Your friend may not know how to keep his funds safe or maybe he trusts the platform too much for his funds. We have heard a lot of suggestions that any platform is not a safe place to store funds, connect wallet at one platform without disconnecting after completing trade is a fatal mistake.
I don't blame hackers in this because someone forgot about the responsibility for his funds especially about the security of his funds and wallet. Of course this will be a good lesson not to repeat the same mistakes in the future. But by the way, have you warned him?
I learned from him that we shouldn't keep connected any Dapps for a long time. It would drain wallet funds after a certain period. Always disconnect your wallet even if you connect for any reason. Don't just leave it as it is. Hackers have powerful tools to trace you and drain your wallet. Don't give that chance.
Crime can be committed when the opportunity arises, so we should be responsibility to close all loopholes from scammers.