Often we need to connect wallet third-party sites for various reasons. We should always ignore connecting our wallet to an unknown and unsafe site. That's how your wallet would be drained. One of my known person's wallets has been hacked a few days back. Then he contacts Metamask about how it has happened. They said the metamask was connected to a couple of sites for a long time and users didn't disconnect wallets. Hackers took this advantage and take control of full wallets. So funds have been drained from all the addresses. Metamask doesn't disclose which Dapps and how happened.
I learned from him that we shouldn't keep connected any Dapps for a long time. It would drain wallet funds after a certain period. Always disconnect your wallet even if you connect for any reason. Don't just leave it as it is. Hackers have powerful tools to trace you and drain your wallet. Don't give that chance.
in my personal experience in terms of connecting wallets with various sites or Dapps have never experienced any hacking until now. and I have never disconnected from any Dapp I once connected. so in your friend's case I don't think it's because of the wallet's relationship with one of the Dapps but it's purely your friend's fault. because hackers set traps wherever they think they can take someone else's wallet.