Cointime

Cointime

Download App
iOS & Android
Home / Security

DEA Loses $55,000 in Seized Tether to Scammer in Address Poisoning Attack

The United States Drug Enforcement Administration (DEA) lost $55,000 in seized Tether earlier this year due to a scammer's "address poisoning" tactic. The DEA had seized over $500,000 worth of USDT from two Binance accounts suspected of laundering drug money.

The funds were securely stored in DEA-controlled Trezor crypto wallets, but a scammer tricked the agency into transferring funds to the wrong address. The DEA and FBI are investigating the incident and have found two Binance accounts that paid for the attacker wallet gas fees using two Gmail email addresses.

Tether USDt Tether USDt $1.00
-0%
United States Tether Binance
Comments

All Comments

Recommended for you

  • Chainalysis: Around $24 Million in Crypto to be Stolen by Impostors and Tax Authorities in 2023

    According to Chainalysis, by 2023, approximately $24 million worth of cryptocurrency will be stolen through impersonation and tax authority scams. The company estimates that as of April 2024, the total amount stolen will be close to $17 million.

  • Multisig Exploit hacker-related addresses become active and launder money

    Multisig Exploit's hacker attack was the first hacker attack in ETH's history, with over 150,000 ETH stolen, worth about $30 million at the time (back in July 2017). Today it is worth nearly $450 million, and more than 80,000 ETH is still involved in the addresses starting with 0xb37647. The address has sent about 70,000 ETH to seven different addresses, each with 10,000 ETH. In recent months, these different addresses have been slowly laundering the money. One of the addresses starting with 0x5167052 has recently become active again.

  • TON community member: Some TON wallets received virtual account NFTs starting with "888", which is a phishing project

    On May 13th, according to a member of the TON official community, a new NFT with a virtual number starting with "888" has been added to the TON wallet. However, the transaction fee for each transfer is as high as 1 TON, which is caused by the fishing project changing the Gas.

  • The address that defrauded 1,155 wBTC has returned more than 96% of the funds to the victims

    Blockchain data shows that the address poisoning attacker lured users to send 1,155 Wrapped Bitcoins (wBTC) (valued at $68 million at the time) to them. The attacker has returned almost all of the stolen funds. These funds were exchanged for Ethereum (ETH) during the attacker's holding period, and the price of ETH has since fallen. However, the attacker returned about 22,960.07 ETH, worth about $65.7 million, which accounts for over 96% of the initial stolen funds in terms of US dollar value.

  • TrumpAI tokens on Ethereum have been RUG

    PeckShield has monitored that the TrumpAI token on the Ethereum blockchain has fallen by 100%. An address starting with 0x935A sold 5,000,000,000,000,000,000,000 TrumpAI tokens, which is about 26.57 WETH (approximately $80,000). Note: rugpull tokens have the same name as legitimate tokens.

  • WOOFi attacker address has transferred 100 ETH to Tornado cash

    PeckShield monitoring shows that the address marked by the WOOFi attacker has transferred 100 ETH to Tornado cash. The WOOFi attacker has already transferred 2200 ETH (worth about $6.5 million) to Tornado cash.

  • The Base ecosystem Bloom project said it has recovered 90% of the funds stolen in the attack

    On May 10th, Bloom, a decentralized derivatives exchange on the X platform, announced that they have recovered $486,000 (minus 10% for bug bounties) out of the total funds utilized ($540,000). All of these funds will be redistributed to limited partners. 10% of the bug bounty has been agreed upon in exchange for not pressing charges against those who exploited the bug. A compensation plan for limited partners affected by the bug will be completed within the next 24-48 hours. Funds are safe and there is currently no need to revoke contract access.

  • SlowMist: The hacker who stole 1,155 WBTC may be from Hong Kong

    According to SlowMist analysis , the IP address associated with the theft of 1155 WBTC has been traced to Hong Kong (VPN use cannot be ruled out). Earlier reports indicated that a certain address was suspected to be a victim of phishing attacks and lost 1155 WBTC, worth 71 million USD. Subsequently, the fraudsters sold all 1155 WBTC and exchanged them for 22960 ETH, and used a large number of wallet addresses to send and launder the funds.

  • CertiK: The group that stole 1,155 WBTC dispersed the exchanged ETH 8 hours ago

    CertiK stated on social media that the system detected fund transfers from a fraudulent wallet, which can be traced back to a phishing incident on May 3rd where an address lost 1155 WBTC due to malicious address transactions. Starting from 8 hours ago, the scammer continuously split and dispersed the exchanged ETH from the initial address. Previously, the address that stole 1155 WBTC had exchanged the coins for 22960 ETH.

  • Hundre Finance attackers have withdrawn 162.2 ETH worth of crypto assets from Curve

    According to PeckShield monitoring, the attacker of Hundre Finance withdrew 784,000 3Crv from Curve and exchanged it for 273 ETH. In addition, they also exchanged 305.6 WOO, 39 PAXG, 200,000 FRAX, and 100,000 DAI, totaling 162.2 ETH. The attacker then bridged 1,034 ETH (2.17 million USD), 842.8K DAI, 1.11 million USDT, 1.27 million USDC, and 457.3 FRAX from Optimism to Ethereum. They also exchanged a total of 480,000 USDC for 142.6 WETH, 306 WOO, and 39 PAXG. They also exchanged 1.11 million USDT for 500.3 thousand USD worth of DAI and 613.8 thousand USD worth of FRAX. Additionally, on April 15, 2023, approximately 786,000 USD worth of USDC was added to Curve3Pool.

Daily Must-Read

Popular Activities

Delysium $AGI & AI Private Yacht Party

Delysium $AGI & AI Private Yacht Party

March 27 - March 27
Seoul

Popular Tags

Cointime
News
Contents
RSS
Company