- The company froze the funds within an hour of the incident.
- The attacker used the Zero Transfer scheme.
- It allows the target wallet address to be spoofed with a fake one in EVM chains and the Tron network, experts say.
Tether responded swiftly to the theft of 20 million USDT from a user, according to analysts at the PeckShield project. The attacker used the Zero Transfer method to swindle funds from the victim.
This type of scam involves spoofing the target address with a similar one that differs by just a few characters. Here’s an example:
- correct: 0xa7B4BAC8f0f9692e56750aEFB5f6cB5516E90570;
- fishing: 0xa7Bf48749749D2E4aA29e3209879956b9bAa9E90570.
The attempt was successful and the victim sent USDT 20 million to the fake address. According to PeckShield experts, Tether froze funds within an hour. At the time of writing, the account is blocked, according to Etherscan.
Address spoofing in this scheme is done via the TransferFrom function. The scammers send 0 ether to the victim’s account, after which the transaction appears in the transaction history.
Since the addresses are not displayed in full, a trader can confuse the target wallet, thereby sending money to the scammers, notes A&D Forensics. The scheme initially targeted the Tron network and EVM chains, the publication added.
In late June 2023, the Binance exchange published a report that hackers had switched to end users instead of protocols.
According to Kaspersky Lab, one in three crypto investors were affected by cybercriminals.