The crypto industry is constantly subject to sporadic reports of crypto thefts and scams and the most recent one was a hacker who managed to steal $20 million in Tether’s USDT stablecoin.
How The Scammer Stole $20 Million In USDT
The eye-popping heist was the result of a perfectly executed zero-transfer phishing attack. To carry out the theft, the hackers had to create an address that looked similar to the receiver’s address.
An on-chain data report from Peckshield shows that the scammer created a spoofed transaction that looked like a legitimate transfer of USDT from the victim’s wallet 0xa7Bf48749D2E4aA29e3209879956b9bAa9E90570, the scammer’s wallet address. However, no funds were actually moved. Following this, the victim unknowingly sent $20 million to the scammer’s address.
The hack was made possible due to the similarity between the intended receiver’s and the scammer’s addresses. On-chain data shows that the intended address, 0xa7B4BAC8f0f9692e56750aEFB5f6cB5516E90570, had frequently transacted with the victim’s wallet address.
Tether Blacklists Address To Stop Scammer
Although the hackers were able to carry out the daring attack successfully, the funds remain inaccessible. Once Tether, the company behind USDT, discovered the unauthorized transactions, they took quick action. Tether has since blacklisted the scammer’s address, preventing them from depositing or withdrawing the stolen USDT.
USDT market cap sitting at $83.8 billion | Source: Market Cap USDT on Tradingview.com
Tether’s intervention was done barely an hour after the attack. While Tether showcased its ability to act against fraud and protect its USDT users, the fast nature of the intervention has left others wondering who the victim might be.
Curious who this would be if it was blacklisted within ~1 hr
— ZachXBT (@zachxbt) August 1, 2023
Zero-Transfer Attacks
New data shows that crypto scam and hack losses in the first half of 2023 were down a staggering 75% compared to the same period last year. However, the anonymous nature of crypto transactions makes them a constant target for scammers and hackers.
As cryptocurrencies become more popular, more sophisticated hacks and scam methods are likely to emerge. Around $108 million was lost due to victims falling victim to phishing scams in the first half of 2023.
Zero transfer phishing attacks, in particular, have become increasingly popular in recent months, leading to losses of more than $40 million. The first known incident of a zero transfer phishing attack was reported in December 2022.
Crypto users typically only check the first and last few digits of wallet addresses before making transfers and hackers have capitalized on these unsuspecting crypto users who unknowingly transfer cryptocurrencies over to them.