Crypto investor loses $2.5M in stablecoins in double phishing scam

A azygous unfortunate has been scammed 2 times wrong 3 hours, losing a full of $2.5 cardinal successful stablecoins.

According to data shared connected May 26 by crypto compliance steadfast Cyvers, the unfortunate sent 843,000 worthy of USDt (USDT) followed by different 2.6 cardinal USDt astir 3 hours later. Cyvers said the scam utilized a method known arsenic a zero-value transfer, a blase signifier of onchain phishing.

Source: Cyvers Alert

Zero-value transfers are an onchain phishing method that abuses token transportation functions to instrumentality users into sending existent funds to attackers. The attackers exploit the token transferFrom relation to transportation zero tokens from the victim’s wallet to a spoofed address.

Since the magnitude transferred is zero, nary signature by the victim’s backstage cardinal is indispensable for onchain inclusion. Consequently, the victims volition spot the outgoing transaction successful their history.

The unfortunate whitethorn spot this code since it is included successful their transaction history, mistaking it arsenic a known oregon harmless recipient. They whitethorn past nonstop existent funds to the attacker’s code successful a aboriginal transaction.

In 1 high-profile case, a scammer utilizing zero transportation phishing onslaught managed to bargain $20 cardinal worthy of USDT earlier getting blacklisted by the stablecoin’s issuer successful the summertime of 2023.

Related: Hackers utilizing fake Ledger Live app to bargain effect phrases and drain crypto

Advanced signifier of code poisoning

A Zero-value transportation is considered an improvement of address poisoning — a maneuver wherever attackers nonstop tiny amounts of cryptocurrency from a wallet code that intimately resembles a victim’s existent address, often with the aforesaid starting and ending characters. The extremity is to instrumentality the idiosyncratic into accidentally copying and reusing the attacker’s code successful aboriginal transactions, resulting successful mislaid funds.

The method exploits however users often trust connected partial code matching oregon clipboard past erstwhile sending crypto. Custom addresses with akin starting and ending characters tin besides beryllium combined with zero-value transfers.

Related: Industry exec sounds alarm connected Ledger phishing missive delivered by USPS

Threat increasing crossed blockchains

A January 2025 study found that implicit 270 cardinal poisoning attempts occurred connected BNB Chain and Ethereum betwixt July 1, 2022, and June 30, 2024. Of those, 6,000 attempts were successful, starring to losses implicit $83 million.

The study follows crypto cybersecurity steadfast Trugard and onchain spot protocol Webacy announcing an artificial intelligence-based strategy for detecting crypto wallet code poisoning. The caller instrumentality purportedly has a occurrence people of 97%, tested crossed known onslaught cases.

Magazine: Crypto scam hub exposure stunt goes viral, Kakao detects 70K scam apps: Asia Express