Crypto investor loses $2.5M in stablecoins in double phishing scam

1 month ago CryptoExpert
Crypto investor loses $2.5M in stablecoins in double phishing scam


A single victim has been scammed two times within three hours, losing a total of $2.5 million in stablecoins.

According to data shared on May 26 by crypto compliance firm Cyvers, the victim sent 843,000 worth of USDt (USDT) followed by another 2.6 million USDt around three hours later. Cyvers said the scam used a method known as a zero-value transfer, a sophisticated form of onchain phishing.

Source: Cyvers Alert

Zero-value transfers are an onchain phishing technique that abuses token transfer functions to trick users into sending real funds to attackers. The attackers exploit the token transferFrom function to transfer zero tokens from the victim’s wallet to a spoofed address.

Since the amount transferred is zero, no signature by the victim’s private key is necessary for onchain inclusion. Consequently, the victims will see the outgoing transaction in their history.

bybit

The victim may trust this address since it is included in their transaction history, mistaking it as a known or safe recipient. They may then send real funds to the attacker’s address in a future transaction.

In one high-profile case, a scammer using zero transfer phishing attack managed to steal $20 million worth of USDT before getting blacklisted by the stablecoin’s issuer in the summer of 2023.

Related: Hackers using fake Ledger Live app to steal seed phrases and drain crypto

Advanced form of address poisoning

A Zero-value transfer is considered an evolution of address poisoning — a tactic where attackers send small amounts of cryptocurrency from a wallet address that closely resembles a victim’s real address, often with the same starting and ending characters. The goal is to trick the user into accidentally copying and reusing the attacker’s address in future transactions, resulting in lost funds.

The technique exploits how users often rely on partial address matching or clipboard history when sending crypto. Custom addresses with similar starting and ending characters can also be combined with zero-value transfers.

Related: Industry exec sounds alarm on Ledger phishing letter delivered by USPS

Threat growing across blockchains

A January 2025 study found that over 270 million poisoning attempts occurred on BNB Chain and Ethereum between July 1, 2022, and June 30, 2024. Of those, 6,000 attempts were successful, leading to losses over $83 million.

The report follows crypto cybersecurity firm Trugard and onchain trust protocol Webacy announcing an artificial intelligence-based system for detecting crypto wallet address poisoning. The new tool purportedly has a success score of 97%, tested across known attack cases.

Magazine: Crypto scam hub expose stunt goes viral, Kakao detects 70K scam apps: Asia Express



Source link

Tags:
Changelly

More Stories

XRP Ledger Drives Real-World Asset Growth as Ripple Expands Compliance-Focused Offerings

XRP Ledger Drives Real-World Asset Growth as Ripple Expands Compliance-Focused Offerings

16 hours ago CryptoExpert
Fuzzland Reveals Ex-Employee Behind $2M Bedrock UniBTC Exploit

Fuzzland Reveals Ex-Employee Behind $2M Bedrock UniBTC Exploit

2 days ago CryptoExpert
Bitcoin Accounts For One-Third of Investor Crypto Portfolios in 2025

Bitcoin Accounts For One-Third of Investor Crypto Portfolios in 2025

3 days ago CryptoExpert
FTX Lawyers Want $1.53 Billion 3AC Claim Tossed

FTX Lawyers Want $1.53 Billion 3AC Claim Tossed

4 days ago CryptoExpert
UK Trails EU, US in Crypto Regulation, Think Tank Warns

UK Trails EU, US in Crypto Regulation, Think Tank Warns

5 days ago CryptoExpert
Crypto Cycle ‘Spookily Similar’ to 2017

Crypto Cycle ‘Spookily Similar’ to 2017

6 days ago CryptoExpert

Leave a Reply

Your email address will not be published. Required fields are marked *

You may have missed

Best Forex Brokers in South Africa? Honest PU Prime Review 2025

5 hours ago CryptoExpert
Pi Network’s Rumored AI Partnership Sparks Pi2Day Hype

Pi Network’s Rumored AI Partnership Sparks Pi2Day Hype

15 hours ago CryptoExpert
ADA price action

ADA could retest the $0.5111 low amid a bearish price action

15 hours ago CryptoExpert
Ethereum Price Analysis: Why is ETH Under-Performing This Year?

Bit Digital Shifts Focus to Ethereum Staking, Phases Out Bitcoin Mining

15 hours ago CryptoExpert
You have not selected any currency to display

Pin It on Pinterest

Crypto-Moon
Fiverr
Crypto-Moon
Crypto investor loses $2.5M in stablecoins in double phishing scam
bybit
Changelly
XRP Ledger Drives Real-World Asset Growth as Ripple Expands Compliance-Focused Offerings
Fuzzland Reveals Ex-Employee Behind $2M Bedrock UniBTC Exploit
Bitcoin Accounts For One-Third of Investor Crypto Portfolios in 2025
FTX Lawyers Want $1.53 Billion 3AC Claim Tossed
UK Trails EU, US in Crypto Regulation, Think Tank Warns
Crypto Cycle ‘Spookily Similar’ to 2017
BillFodl
TokenMetrics
Pi Network’s Rumored AI Partnership Sparks Pi2Day Hype
ADA price action
Ethereum Price Analysis: Why is ETH Under-Performing This Year?
Bitcoin Chases Range Highs While Altcoins Struggle
Pi Network’s Rumored AI Partnership Sparks Pi2Day Hype
ADA price action
Ethereum Price Analysis: Why is ETH Under-Performing This Year?