Skip to content
Active Currencies: 17,422
Market Cap: $2.288T
Bitcoin Dominance: 56.27%
24h Market Cap Change: $0.71

Hacker steals $20 mln USDT through zero-value transfer scam

A zero-value transfer scam worth $20M USDT got detected, with Tether blacklisting the offending address within an hour of the attack.

Written by Written by Saman Waris
Reviewed by Reviewed by Saman Waris
Updated August 2, 2023
usdt
  • The victim received 10 million USDT from Binance a few days earlier.
  • Prominent on-chain investigator, ZachXBT, noted how quickly Tether responded to this attack.

PeckShieldAlert, a blockchain security service, reported on 1 August that a scammer stole 20 million USDT from 0x407e using a zero-transfer attack. 

Tether proactively froze the stolen crypto assets by blacklisting the USDT scammer’s addresses within an hour.

The victim received 10 million USDT from Binance [BNB] a few days earlier and had transferred the coins to the intended alternate address.

However, during that transfer, the fraudster sent a zero-value token from the victim’s address to their phishing address. A few hours later, the victim transferred the fraudster 20 million USDT, believing they were sending it to their preferred address.

How a zero-value transfer scam works

A zero-value transfer scam has a peculiar modus operandi. First, the scammer fools the customers into making a transaction worth $0 to a phishing address that reads similar to one where the victim routinely transfers funds.

Most users only look at the first and last few digits of a wallet address, ignoring the entire address. This is how scammers outwit users by using a phishing address that appears to be the original address at first sight.

Because the transfers have no monetary value, they do not require the victim’s private key to perform. Though this transfer itself cannot steal funds, it can deceive victims into sending real funds to the wrong address in the future. This could happen if the user frequently depends on their transaction history to verify addresses to which they make transactions.

In the above-mentioned scam, the swindler duped the victim into sending $0 USDT to a phishing address. When the user attempted to complete a legitimate transaction, they mistook the phishing URL for the original.

Prominent on-chain investigator, ZachXBT, noted on Twitter how quickly Tether responded to this attack.

Disclaimer: AMBCrypto's content is meant to be informational in nature and should not be interpreted as investment advice. Trading, buying or selling cryptocurrencies should be considered a high-risk investment and every reader is advised to do their own research before making any decisions.

Saman Waris

Editor

Saman Waris works as a Senior News Editor at AMBCrypto. She has always been fascinated by how the tides of finance and technology shape communities across demographics. Cryptocurrencies are of particular interest to Saman, with much of her writing centered around understanding how ideas like Momentum and Greater Fool theories apply to altcoins, specifically, memecoins.

Related Articles

AMBCrypto
Facebook X Instagram Youtube Linkedin

AMBCrypto was founded in 2018 with a mission to simplify and bring the latest blockchain and cryptocurrency news to our readers. We have quickly grown into the digital news source for an emerging generation of cryptocurrency enthusiasts, reaching more than a million readers on a monthly basis, across the globe.