In 2023, the crypto ecosystem has seen a rise in zero transfer scams, with over $40 million already lost to these phishing attacks. On August 1st, one such scammer used a zero transfer phishing attack to steal $20 million in USDT stablecoin before being blacklisted by Tether, the cryptocurrency’s issuer.
Peckshield, an on-chain analytic firm, reported that the scammer obtained 20 million USDT from the victim’s address, 0x4071…9Cbc. The victim had intended to send the funds to address 0xa7B4BAC8f0f9692e56750aEFB5f6cB5516E90570, but instead, the funds were sent to a phishing address: 0xa7Bf48749D2E4aA29e3209879956b9bAa9E90570.
Tether Responded Quickly to the Attack
The victim initially received 10 million USD from a Binance account in their wallet address. They then transferred the funds to another address. However, the scammer intervened by sending a fake Zero USDT token transfer from the victim’s account to their own phishing address.
A few hours later, the victim mistakenly sent 20 million real USDT to the scammer, believing they were transferring it to a known address.
Tether, the USDT issuer, quickly froze the wallet, raising questions about the speed of their response. Scammers take advantage of the fact that users often only check the first or last five digits of a wallet address, rather than the entire address.
Curious who this would be if it was blacklisted within ~1 hr
— ZachXBT (@zachxbt) August 1, 2023
This allows them to trick users into sending assets to a phishing address. In this case, the victim was duped into sending a zero token transaction from their wallet to an address that looked similar to the one they had sent tokens before.
Suppose a victim transfers 100 coins to an address for an exchange deposit. An attacker could then send 0 coins from the victim’s wallet to an address that appears similar but is actually under the attacker’s control. When the victim sees this transaction in their history, they may assume that the displayed address is the correct deposit address and send their coins there.
Over the past year, zero transfer phishing scams have become increasingly common in the crypto ecosystem, with multiple cases being reported. The first known instance of this type of scam occurred in December of last year, and since then, over $40 million has been lost to such attacks.
