28. September 2023

Hacker Steals $20M USDT in Zero-Value Transfer Scam

• A zero-value transfer scam worth $20M USDT got detected.
• Tether proactively froze the stolen crypto assets by blacklisting the USDT scammer’s addresses within an hour.
• The fraudster tricked the victim into sending a zero-value token from their address to the phishing address, followed by real funds.

Zero-Value Transfer Scam Worth $20 Million Detected

A zero-value transfer scam worth $20 million USDT was detected recently, with Tether blacklisting the offending address within an hour of the attack. The victim had transferred 10 million USDT from Binance a few days earlier, and then sent 20 million USDT to what they believed was their preferred address but was actually a phishing address. This is how scammers were able to deceive users by using a phishing address that initially appears to be the original one.

Zero-Value Token Used in Attack

The attacker tricked the victim into sending a zero-value token from their account to the phishing address, followed by real funds. This kind of attack does not require victims‘ private key since transfers have no monetary value attached to them. However, these transactions can still fool unsuspecting users if they habitually rely on transaction history for verifying their addresses before making transfers.

How Zero-Value Transfer Scams Work

In a zero-value transfer scam, criminals create a phishing address that reads similar to one where victims usually send funds; therefore most people only look at first and last few digits of such wallet addresses which makes it easy for scammers to outwit them. As this type of attack does not involve any money being stolen directly through it, victims mistakenly think they are safe and end up sending real money to wrong addresses later on due to relying on transaction history as verification method without crosschecking wallet details properly each time they make transactions.

Quick Response From Tether

Prominent on-chain investigator ZachXBT noted how quickly Tether responded by freezing stolen crypto assets soon after PeckShieldAlert reported about this attack which happened on 1 August 2020 when 20 million USDT got taken away from 0x407e using zero transfer technique.


It is crucial for everyone who deals with cryptocurrency or any other digital asset to pay attention when transferring money as scammers are always looking for ways to exploit careless users who don’t take all necessary precautions while making transactions online so that they can avoid falling prey to scams like this one at all times