20 Million USDT Scam Foiled: Deceptive Wallet Impersonation Prevented in Time

In a surprising turn of events on August 1, 2023, the crypto community on Twitter uncovered a deceitful scheme carried out by Tether, a stablecoin issuer. The company blacklisted a wallet address containing 20 million USDT, effectively “freezing” the funds and preventing them from being transferred elsewhere.

What makes this discovery even more noteworthy is that the 20 million USDT was only recently withdrawn from Binance, just an hour before it was frozen.

According to cybersecurity firm PeckShield, this incident is the result of a sophisticated crypto scam known as “zero transfer.” In this method, malicious actors create a wallet address with characters at the beginning and end identical to the victim’s wallet address. They then perform transactions, sending small amounts of tokens to this deceptive address to camouflage their activities. Later, when the victim attempts to transfer funds out, they may inadvertently select the imposter address, falling prey to the scammer’s trap.

In the recent case, the attacker utilized a phishing address, “0xa7Bf48749D2E4aA29e3209879956b9bAa9E90570,” which shares the first five and last six characters with the victim’s legitimate address, “0xa7B4BAC8f0f9692e56750aEFB5f6cB5516E90570.” Many crypto wallet applications and DeFi platforms display only the first and last characters of an address for user interface purposes, unwittingly enabling attackers to exploit the zero transfer attack.

Changpeng Zhao, CEO of Binance, issued a warning to the community, acknowledging that anyone could fall victim to this trap. The targeted individual in this incident, as per CZ, was an experienced Chinese crypto investor. He shared the details on Twitter, stating that they were fortunate enough to detect the scam quickly, saving themselves from a loss of $20 million. CZ emphasized the importance of recognizing these tactics and taking preventive measures.

The scammers have become adept at generating addresses with matching starting and ending letters, capitalizing on the tendency of people to check only those portions when conducting a crypto transfer. Additionally, many wallets obscure the middle part of an address with ellipses (“…”) to improve the user interface. As a consequence, when users attempt to copy an address from a previous transaction, they may inadvertently choose the wrong one, as was the case in this recent incident.

Fortunately, the victim noticed the error immediately after the transaction and acted swiftly to request the freezing of the USDT funds. The process to reclaim the funds will involve filing a police report, but at least the scammers won’t be able to abscond with the money.

As exemplified in this incident, a prompt response is crucial in such recovery efforts. It serves as a vital reminder for all crypto users to exercise utmost caution and vigilance to avoid falling victim to such scams. The crypto community should stay informed about emerging threats and employ necessary security measures to protect their assets effectively.

Read more:

Follow us on Telegram

Follow us on Twitter

Follow us on Facebook

Follow us on Reddit

You might also like