The investor has lost a million -million in USDT phishing scam
On May 26, 2025, a crypto investor was victimized by a series of onchain phishing attacks. Crypto compliance firm Cyvers announced that the victim Lost a total of $ 2.6 million worth of cryptocurrencies.
It all started when the user sent 843,000 Tether USDT (USDT) to an address other than the intended recipient. Just three hours later, the user sent 1.75 million USDT more than the same address. The result: all of this is lost in time.
But how did the user do this mistake? According to Cyvers, the user became the target of a zero-value transfer scam.
How does a zero-value transfer scam work?
Moving zero-value is a fraudulent scam procedure that exploits user confusion and can be carried out without Private key Accessing is required.
Crypto wallet The addresses are made up of alphanumeric characters. Although the character number has changed for each blockchain, at least 26. In the case of the USDT, it ranges from 34 to 42.
Dealing with a long, random strung character is a confusing and dangerous task that can result in intense losses in the event of incidental, as crypto transactions cannot be returned due to the unchanged nature of the blockchain. Therefore, users usually use copying purse addresses when sending cryptocurrencies.
In the zero-value transfer of scams, malicious actors abuse exactly this practice. They searched through the targeted purse and recognized the addresses it contacted. The scammers then create a Vanity address That shares both the initial and final characters with a interacting address and send a transaction that does not contain any value.
The idea is to put the phony address in the targeted history of the wallet transaction. The user looking to send crypto to a familiar address again can scroll back to previous transactions and accidentally copy the fake scammer address. As a result, the user accidentally sends a scammer transaction with no way to recover lost cryptocurrencies.
A zero-token transfer exploit is just A tactic of addressing the addressan umbrella term for scams that rely on tricking and do not require controlled Seed phrases or private keys.
Do you know? The current Crypto Address landscape resembles the Pre-Domain Name System (DNS) period of the Internet. Prior to DNS, users need to type Numbers IP addresses to access websites. There are several blockchain solutions that are available that work similarly to DNS and create wallets that address human readings, such as the Ethereum Name System (Ens).
Other Tactics of Poisoning in Crypto Address
Mimling legitimate addresses is a widely used procedure for addressing the address and can also be performed by sending a small amount of crypto to the target address to obtain credentials.
Scammers also use sophisticated crypto phishing wallet tactics and mixture of crypto hack techniques, such as:
- Impersonation: This method works similarly to zero-value transfer; The difference is that the attacks mimic high -confidence entities such as a public figure or a protocol instead of randomly selected addresses. They create a vanity address that resembles the address of such creatures and puts the fake address in the victim’s transaction history of the victim’s wallet to fool users who just glanced at the beginning and end of an address. Social Engineering strategiesAs for pretending to be on social media, this method can also be accompanied.
- QR Code: This tactic exploits the convenience of scanning purse addresses through QR codes by creating fakes. Scammers distribute fake QR codes through social media or attach them to physical locations to deceive accidental users. QR codes can also lead to the lookalike addresses of the legitimate, making the discovery more difficult.
- Interception by malware: This type of address poisoning involves hacking through malware. When attacked by attacks to install malware on a victim’s device, they can –hijack the clipboard and replace the copied wallet address on their own. The victim did not deliberately paste the attacker’s address and transmit the crypto to it instead of the intended recipient.
- Smart Contract Exploit: Poor codes and unobtrusive contracts are prone to poisoning. Attacks can take advantage of Bugs and Bugs in ContractSuch as improper verification of input and reentrancy, to deceive the contract using a fake address or change a critical mid-transaction. As a result, contract users can send crypto to attacks rather than legitimate address.
The cost of attacks of the Crypto Address
Addressing the address in 2025 has the cost to investors million -million to date. February saw $ 1.8 million in losses, while March lost $ 1.2 million Because of this crypto scam method. In May, a single incident exceeded the two aforementioned months with $ 2.6-million loss.
Attacks develop intense losses in major blockchains such as the Ethereum and BNB chain. Between 2022 and 2024, around 17 million addresses are Poison In Ethereum, with zero-transfer attacks that make up 7.2 million of the number. Of these, 1,738 attempts were successful and caused the loss of nearly $ 80 million.
At the same time, the BNB chain was hit by nearly 230 million address poisoning attempts. Blockchain users suffered a total of $ 4.5 million in losses due to 4,895 successful attacks.
The numbers have announced that addressing the address is a serious threat that cannot be ignored. But how can users avoid being a victim of this scam tactic?
How to Stay Safe Safe against Crypto Address Attacks
Addressing poisoning is a relentless web3 security threat that is difficult to see, but there are some careful users that users can do to stay safe.
Of course, the most obvious safety proposal is to do a double check. Always double-check the recipient of the wallet address in full before signing a transaction.
In addition, users can take care, such as:
- Using new addresses: Create new addresses for each transaction. This reduces the possibility of being victims of attacks that check the history history to perform phishing crypto.
- Keeping the wallet private is private: Refuse to share your wallet addresses in public. Such addresses are easier to target for malicious actors.
- Ignoring small transactions: Be careful about small crypto transfers. There is a good chance that they address poisoning attempts.
- Using safe crypto wallets: Use a respectable purse with phishing protection features. Some Wallets Floggers of Delicious Address or Alert you when you paste a known scam address.
- Following updates: Keep track of blockchain scam alerts. Web3 security platforms, such as cyvers, peckshield and certik, as well as well-known figures such as ZachXBT, provide timely alerts about scams, hacks and suspicious activities that will help users avoid contact with spoof addres.
- The verification of addresses: Manu -Manu -verify purse addresses when scanning QR codes. Avoiding them from unrighteous resources is also an effective measure.
- Using antivirus software: Install anti-malware software and browser extensions. Tools such as a wallet guard or scam sniffer can hinder known malicious scripts and fake sites.
- Considering Name Systems: Use solutions to providing a blockchain system as much as possible. Transacting on readable human addresses is a safer choice that significantly reduces the possibility of addressing the address.
- Using Safe Smart Contracts: Use that audits and thoroughly tested intelligent contracts to prevent victims of exploits.
