Latest news about Bitcoin and all cryptocurrencies. Your daily crypto news habit.
Zero transfer scams are becoming prominent in the crypto ecosystem, with over $40 million stolen in 2023.
A scammer using zero transfer phishing attack managed to steal $20 million worth of Tether (USDT) on Aug. 1 before getting blacklisted by the stablecoin’s issuer Tether.
According to an update from on-chain analytic firm PeckShield, A zero transfer scammer grabbed 20 million USDT from the victim address 0x4071...9Cbc. The intended address that the victim planned to send money to was 0xa7B4BAC8f0f9692e56750aEFB5f6cB5516E90570; however, it was sent to a phishing address instead: 0xa7Bf48749D2E4aA29e3209879956b9bAa9E90570.
The zero transfer phishing scam. Source: Etherscan
The victim’s wallet address first received $10 million from a Binance account. The victim then sent it to another address before the scammer jumped in. The scammer then sent a fake Zero USDT token transfer from the victim’s account to the phishing address. A few hours later, the victim sent 20 million USDT to the scammer, thinking they were transferring it to their desired address.
The wallet was immediately frozen by USDT issuer Tether, which raised eyebrows at the speedy nature of the action.
Curious who this would be if it was blacklisted within ~1 hr
— ZachXBT (@zachxbt) August 1, 2023
Users generally check the first or last five digits of a wallet address, not the whole address, leading them to send the assets to a phishing address. The victim is tricked into sending a transaction for zero tokens from their wallet to an address that resembles one to which they have already sent tokens before.
How a zero transfer scam works. Source: Coinbase
For instance, if the victim sent 100 coins to an address for an exchange deposit, the attacker might send 0 coins from the victim’s wallet to an address that appears similar but is controlled by the attacker. Upon viewing this transaction in their transaction history, the victim might assume that the address displayed is the proper deposit address and send their coins to the phishing address.
Related: Is SBF secretly behind BALD? Crypto Twitter debates latest conspiracy
Zero transfer phishing scams have become quite prominent in the crypto ecosystem over the past year, with multiple instances coming to light. One of the first instances of a zero transfer scam occurred in December 2022, with over $40 million in losses to such attacks since.
Collect this article as an NFT to preserve this moment in history and show your support for independent journalism in the crypto space.
Magazine: How smart people invest in dumb memecoins — 3-point plan for succes
Publication date
Disclaimer
The views and opinions expressed in this article are solely those of the authors and do not reflect the views of Bitcoin Insider. Every investment and trading move involves risk - this is especially true for cryptocurrencies given their volatility. We strongly advise our readers to conduct their own research when making a decision.