On August 1, a hacker using a zero transfer phishing attack stole $20 million worth of Tether before being blacklisted by the stablecoin’s issuer, Tether.
A zero transfer fraudster allegedly stole 20 million USDT from the victim address 0x4071…9Cbc, as reported by the on-chain analytics firm PeckShield.
The victim intended to send funds to the address 0xa7B4BAC8f0f9692e56750aEFB5f6cB5516E90570; however, the funds were sent to a fraudulent address: 0xa7Bf48749D2E4aA29e3209879956b9bAa9E90570.
The wallet address of the victim initially received $10 million from a Binance account. The victim then forwarded it to another address before the hacker intervened. The con artist then sent a fraudulent transfer of zero USDT tokens from the victim’s account to the phishing address.
A few hours later, the victim wired 20 million USDT to the con artist, believing they were transmitting the funds to the victim’s desired address.
Tether, the issuer of USDT, froze the wallet, and the speed of the action raised eyebrows.
Users typically examine the first or last five digits of a wallet address rather than the entire address, which is how assets end up being transferred to a fraudulent address.
The victim is duped by a zero-token transaction that appears to go from their wallet to an address resembling one to which they have previously sent tokens.
For example, if the victim sent 100 coins to an address for an exchange deposit, the attacker could transmit 0 coins from the victim’s wallet to a similar-looking address under their control.
The victim may transfer their cryptocurrency to the phishing address after viewing this transaction in their transaction history and assuming that the displayed address is correct.
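A pre-send check for the look-alike pattern described above, as an added example that is not part of the original report: it compares a destination against the sender's known addresses and flags any that match only at the ends, using the two addresses quoted in this article. The function names, the match thresholds and the sample history are assumptions made for illustration.

```python
"""Flag look-alike destination addresses before sending (added example)."""
import os

# Addresses quoted in the article.
INTENDED = "0xa7B4BAC8f0f9692e56750aEFB5f6cB5516E90570"
FRAUDULENT = "0xa7Bf48749D2E4aA29e3209879956b9bAa9E90570"


def _norm(addr):
    """Lower-case and strip 0x so comparison ignores checksum casing."""
    addr = addr.lower()
    return addr[2:] if addr.startswith("0x") else addr


def shared_ends(a, b):
    """Return (matching leading hex chars, matching trailing hex chars)."""
    a, b = _norm(a), _norm(b)
    prefix = len(os.path.commonprefix([a, b]))
    suffix = len(os.path.commonprefix([a[::-1], b[::-1]]))
    return prefix, suffix


def classify(dest, trusted, min_prefix=3, min_suffix=4):
    """'trusted' on exact match, 'lookalike' if only the ends match, else 'unknown'.

    The thresholds are assumed values; tune them to how many characters
    the wallet UI actually shows when it truncates an address.
    """
    if any(_norm(dest) == _norm(t) for t in trusted):
        return "trusted"
    for t in trusted:
        prefix, suffix = shared_ends(dest, t)
        if prefix >= min_prefix and suffix >= min_suffix:
            return "lookalike"
    return "unknown"


def poisoned_entries(history, trusted):
    """Zero-value history entries whose recipient imitates a trusted address."""
    return [h for h in history
            if h["value"] == 0 and classify(h["to"], trusted) == "lookalike"]


# Constructed sample history: one real transfer, one zero-value poisoning entry.
HISTORY = [
    {"to": INTENDED, "value": 10_000_000},
    {"to": FRAUDULENT, "value": 0},
]
```

A wallet or treasury script would call `classify` on the full destination before signing and refuse or escalate on `"lookalike"`, and run `poisoned_entries` over recent history so that zero-value entries are never offered as copy-paste sources.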
Multiple instances of zero-transfer phishing schemes have surfaced in the crypto ecosystem over the past year, demonstrating their prevalence. Since December 2022, when one of the first zero transfer scams occurred, over $40 million has been lost to such attacks.