Zero transfer scammer steals $20M USDT, gets blacklisted by Tether

cointelegraph.com:

A scammer using zero transfer phishing attack managed to steal $20 million worth of Tether (USDT) on Aug. 1 before getting blacklisted by the stablecoin’s issuer Tether.

According to an update from on-chain analytic firm PeckShield, A zero transfer scammer grabbed 20 million USDT from the victim address 0x4071...9Cbc. The intended address that the victim planned to send money to was 0xa7B4BAC8f0f9692e56750aEFB5f6cB5516E90570; however, it was sent to a phishing address instead: 0xa7Bf48749D2E4aA29e3209879956b9bAa9E90570.

The victim’s wallet address first received $10 million from a Binance account. The victim then sent it to another address before the scammer jumped in. The scammer then sent a fake Zero USDT token transfer from the victim’s account to the phishing address. A few hours later, the victim sent 20 million USDT to the scammer, thinking they were transferring it to their desired address.

The wallet was immediately frozen by USDT issuer Tether, which raised eyebrows at the speedy nature of the action.

Curious who this would be if it was blacklisted within ~1 hr

Users generally check the first or last five digits of a wallet address, not the whole address, leading them to send the assets to a phishing address. The victim is tricked into sending a transaction for zero tokens from their wallet to an address that resembles one to which they have already sent tokens before.

For instance, if the victim sent 100 coins to an address for an exchange deposit, the attacker might send 0 coins from the victim’s wallet to an address that appears similar but is controlled by the attacker. Upon viewing this transaction in their transaction history, the victim might assume that the address displayed is the proper deposit address and