Carding
Professional
- Messages
- 2,871
- Reaction score
- 2,467
- Points
- 113
Tether froze the scammer's account, but did not have time to save the victim's funds.
According to blockchain analytics firm PeckShield, on August 1, an attacker successfully phished with a null transaction and stole 20 million USDT (Tether's stablecoin) before his account was blocked by Tether.
The fraud victim wanted to transfer funds from his wallet to another address. But due to the actions of the scammer, the money was redirected to a phishing address, the name of which was similar to the address of the recipient.
The theft occurred when the victim's wallet received 10 million USDT from a Binance account. After the funds were transferred, the scammer carried out an attack through a null transaction - he sent a zero amount of USDT from the victim's account to the phishing address. As a result, the victim, believing that he was transferring money to a familiar address, mistakenly sent 20 million real USDT to the scammer.
Tether froze the attacker's wallet within an hour - immediately after the fraudulent activity was detected. Such a speed of reaction to the incident caused surprise in the crypto community.
It is important to note that the main danger of zero-transaction phishing attacks is that users often check only the first or last digits of a wallet address, without looking at it in its entirety.
Such negligence leads to the fact that users do not notice the substitution and send assets to phishing addresses. Fraudsters, in turn, create addresses that look almost the same as those used by the victims before. If the user has already sent coins to a specific deposit address on the exchange, the scammer can send 0 coins from the user's wallet to a phishing wallet with a similar address.
Often, users mistake such a transaction for the correct deposit address and send their funds to it. This type of scam has grown in popularity over the past year. The first known case occurred in December last year and resulted in over $40 million in damages.
To prevent such incidents, you should always carefully check the full wallet address, and not just its first and last digits. In addition, users can implement additional security measures such as two-factor authentication (2FA) and the use of hardware wallets.
According to blockchain analytics firm PeckShield, on August 1, an attacker successfully phished with a null transaction and stole 20 million USDT (Tether's stablecoin) before his account was blocked by Tether.
The fraud victim wanted to transfer funds from his wallet to another address. But due to the actions of the scammer, the money was redirected to a phishing address, the name of which was similar to the address of the recipient.
The theft occurred when the victim's wallet received 10 million USDT from a Binance account. After the funds were transferred, the scammer carried out an attack through a null transaction - he sent a zero amount of USDT from the victim's account to the phishing address. As a result, the victim, believing that he was transferring money to a familiar address, mistakenly sent 20 million real USDT to the scammer.
Tether froze the attacker's wallet within an hour - immediately after the fraudulent activity was detected. Such a speed of reaction to the incident caused surprise in the crypto community.
It is important to note that the main danger of zero-transaction phishing attacks is that users often check only the first or last digits of a wallet address, without looking at it in its entirety.
Such negligence leads to the fact that users do not notice the substitution and send assets to phishing addresses. Fraudsters, in turn, create addresses that look almost the same as those used by the victims before. If the user has already sent coins to a specific deposit address on the exchange, the scammer can send 0 coins from the user's wallet to a phishing wallet with a similar address.
Often, users mistake such a transaction for the correct deposit address and send their funds to it. This type of scam has grown in popularity over the past year. The first known case occurred in December last year and resulted in over $40 million in damages.
To prevent such incidents, you should always carefully check the full wallet address, and not just its first and last digits. In addition, users can implement additional security measures such as two-factor authentication (2FA) and the use of hardware wallets.