A major cryptocurrency holder narrowly avoided losing $129 million USDT in a phishing scam that targeted them on the TRON blockchain. The quick return of the stolen funds was an unexpected twist in this incident.
Stolen Funds Returned Within Hours
On November 20, blockchain security firm Scam Sniffer reported the incident. It detailed how the scam unfolded and the surprising return of the stolen funds within hours.
How Did It Happen?
According to Scam Sniffer, the fraudster used a fake wallet address, “THc…bu8,” that closely resembled the victim’s intended recipient address, “TMS…bu8.” The fraudulent address was crafted to mimic the original, matching its first and last characters.
The victim even tested the transaction with a 100 USDT transfer but failed to notice the minor discrepancies between the addresses. This led to the accidental transfer of $129 million to the scammer’s address.
In an unexpected turn, the scammer returned 90% of the stolen funds, equating to 116.7 million USDT, within an hour. The remaining balance of 12.96 million USDT was returned four hours later. The victim then redirected the recovered funds to the intended wallet address, where they have remained since.
Address Poisoning: A Growing Threat
Scam Sniffer identified this as a classic “address-poisoning” attack, a sophisticated phishing method gaining momentum in the crypto sector.
How Does Address Poisoning Work?
This scam involves fraudsters creating wallet addresses nearly identical to legitimate ones. The fraudulent addresses differ by just one or two characters, making them difficult to detect. Scammers send small amounts of tokens to victims, embedding the fake address into transaction histories. This tactic exploits copy-paste errors during future transactions, tricking victims into sending funds to the wrong address.
Escalating Impact on the Crypto Sector
Blockchain security firm CertiK noted that address poisoning, along with wallet-draining attacks, has resulted in the loss of over $800 million worth of crypto assets in 2024 alone.
Yu Xian, founder of Web3 security firm Slowmist, warned users about the dangers of copying sensitive information. He urged individuals to clear clipboard data after use and emphasized that no connected device is entirely secure. Xian’s advice serves as a reminder of the importance of vigilance in protecting digital assets.
Lessons Learned and Vigilance Required
This case highlights the evolving sophistication of phishing scams in the crypto space. Observers stress the importance of double-checking wallet addresses before transferring funds. Such scams serve as a critical reminder for users to stay cautious and safeguard their digital wealth.
The post Crypto phishing scam nets $129 million in USDT then funds mysteriously return appeared first on CryptoSlate.
