A crypto investor recently fell victim to a Phishing scam, losing a total of $2.6 million in stablecoins through two separate attacks that occurred within a span of just three hours.
According to the analysis by a blockchain compliance firm, Cyvers, on May 26, the victim unknowingly transferred $843,000 in Tether (USDT) to the scammers address. Approximately three hours later, a second transfer of $1.75 million in USDT was made to the same scammer.
In both transactions, coins were sent to fraudulent addresses using a phishing strategy known as the “zero-value transfer” technique. This kind of targeted approach is an evolved form of address poisoning.
In this attack, fraudsters use the “From” option in token contracts to make an empty transaction from the victim’s wallet to an attacker’s address. No actual money goes across, so the victim’s signing key isn’t necessary for the scam to work.
Even so, the transaction records in the user’s wallet lay the foundation for this address to appear consistently as one they have used before. Sometimes, users view their transaction history and reinvest only to learn that their crypto coins have been sent to the attacker due to sabotage within their address history.
Because many users often check only the first and last parts of a wallet address or use the copy/paste feature, these frauds are likely to work.
Zero-value transfer now makes the address poisoning harder to spot, as before, when attackers used small amounts of crypto from similar addresses to confuse the victim. Fake wallet addresses and transaction records together makes it more likely that users will be fooled.
