in my personal experience in terms of connecting wallets with various sites or Dapps have never experienced any hacking until now. and I have never disconnected from any Dapp I once connected. so in your friend's case I don't think it's because of the wallet's relationship with one of the Dapps but it's purely your friend's fault. because hackers set traps wherever they think they can take someone else's wallet.
There is no technical conclusive proof about the stories, whether it is caused by the user's negligence or simply because of a hack. But wallet condition affects how an attacker could access your funds, in this case, a hack that might be caused by token approval is still possible. As I have said before in this thread, there is a difference about disconnecting the wallet.
In fact, it is the reason why there exists a platform that checks users' smart contract allowances/token approval, it could be used for mitigation or as a self assessment of user risk.