A scammer managed to steal $20 million worth of Tether (USDT) on the 1st of August, using a zero transfer phishing attack.
Tether immediately swung into action, blocking the scammer’s address and blacklisting them, all within an hour of the attack being orchestrated.
Zero Transfer Attack
Blockchain users must always be on their guard when making on-chain transactions, primarily due to the threat of hackers and scammers. One such scammer managed to steal $20 million worth of Tether (USDT) by orchestrating a zero-transfer phishing attack. Most zero-transfer attacks operate using the same modus operandi. Hackers trick the user into sending a $0 transaction to a phishing address similar to an address the victim frequently transacts with or transfers funds to.
Users typically check only the first and last few digits of a wallet address and do not read the complete address. This is the loophole that hackers are able to use, outsmarting the intended victim with a phishing address that looks similar to the original address. Users who don't bother to check the whole address typically fall for such attacks. For example, if a user sends 100 coins to a particular address, the hacker could send 0 coins from the victim's wallet to a similar address controlled by the attacker.
The victim views the transaction in their transaction history and assumes that the address in question is the proper address and ends up sending the transaction to the phishing address instead.
The Tether Attack
Data from on-chain analytics firm PeckShield has shown that a scammer managed to grab $20 million worth of USDT using this type of attack. The intended address to which the victim wanted to send the funds was 0xa7B4BAC8f0f9692e56750aEFB5f6cB5516E90570. However, the scammer tricked the victim into sending the funds to another address, 0xa7Bf48749D2E4aA29e3209879956b9bAa9E90570, as shown by PeckShield in its analysis.
Data shows that the victim’s wallet address initially received $10 million from a Binance account.
This was sent to another address before the scammer jumped into the middle of the transaction, sending a fake zero USDT transfer from the victim's account to the phishing address in question. Following this, the victim inadvertently ended up sending 20 million USDT to the phishing address, thinking they were transferring it to the original address.
“#PeckShieldAlert A #ZeroTransfer scammer grabbed 20M $USDT from 0x4071...9Cbc. Intended Address: 0xa7B4BAC8f0f9692e56750aEFB5f6cB5516E90570 Phishing Address: 0xa7Bf48749D2E4aA29e3209879956b9bAa9E90570.”
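A wallet-side check for the look-alike pattern described above, run against the two addresses from the PeckShield alert. This is an added example, not code from the article or from PeckShield; the function names, the match thresholds and the sample history are assumptions made for illustration.

```python
# Added example: spot look-alike recipients planted by zero-value transfers.
INTENDED = "0xa7B4BAC8f0f9692e56750aEFB5f6cB5516E90570"  # from the PeckShield alert
PHISHING = "0xa7Bf48749D2E4aA29e3209879956b9bAa9E90570"  # from the PeckShield alert

# Constructed sample of a wallet's outgoing history (amounts are illustrative).
HISTORY = [
    {"to": INTENDED, "value": 100},  # genuine payment to the usual recipient
    {"to": PHISHING, "value": 0},    # zero-value entry planted by the scammer
]

def _body(addr):
    """Return the 40 lower-case hex digits of an address, or raise ValueError."""
    a = addr.strip().lower()
    ok = len(a) == 42 and a.startswith("0x")
    if not ok or any(c not in "0123456789abcdef" for c in a[2:]):
        raise ValueError(f"not a 20-byte hex address: {addr!r}")
    return a[2:]

def shared_ends(a, b):
    """Count the leading and trailing hex digits two addresses have in common."""
    x, y = _body(a), _body(b)
    lead = next((i for i in range(40) if x[i] != y[i]), 40)
    trail = next((i for i in range(40) if x[-1 - i] != y[-1 - i]), 40)
    return lead, trail

def is_lookalike(candidate, trusted, min_lead=3, min_trail=4):
    """True if candidate differs from trusted yet matches it at both ends."""
    lead, trail = shared_ends(candidate, trusted)
    return lead < 40 and lead >= min_lead and trail >= min_trail

def poisoned_entries(history):
    """Return (entry, imitated address) for zero-value transfers that mimic a paid address."""
    paid, flagged = [], []
    for tx in history:
        if tx["value"] > 0:
            paid.append(tx["to"])
            continue
        hit = next((t for t in paid if is_lookalike(tx["to"], t)), None)
        if hit:
            flagged.append((tx, hit))
    return flagged

def safe_to_send(candidate, history):
    """Reject a recipient that imitates, but does not equal, a previously paid address."""
    paid = [tx["to"] for tx in history if tx["value"] > 0]
    return not any(is_lookalike(candidate, t) for t in paid)
```

The two reported addresses share three leading and six trailing hex digits, which is why a truncated display makes them hard to tell apart.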
Tether Swings Into Action
Tether was extremely proactive in dealing with the scammer, almost immediately freezing the stolen funds by putting the scammer’s address on a blacklist. This was done barely an hour after the attack. Tether’s quick response has raised plenty of eyebrows regarding the victim’s identity, with on-chain sleuth ZachXBT tweeting his curiosity about the victim’s identity.
“Curious who this would be if it were blacklisted within ~1 hr. Tether takes days to do that after obvious hacks but acted here extremely quickly.”
According to some members of the crypto community, the victim could be an influential individual or a very large firm. Zero transfer scams have become increasingly common in the crypto space over the past year. The first instance of a big zero transfer scam occurred in December 2022, with the ecosystem losing around $40 million to similar attacks since.