TLDR:
- A crypto investor lost $2.6 million in USDT through a new scam tactic called “zero transfer.”
- The attacker manipulated the wallet history to trick the victim into sending funds to a fake address.
- Zero transfer scams are rising in frequency and sophistication across the crypto space.
- Security firms and regulators are ramping up AI tools and enforcement to combat such fraud.
$2.6M Drained in Just Three Hours
A crypto investor has lost a staggering $2.6 million in Tether (USDT) after falling victim to a highly sophisticated phishing scam known as a “zero transfer” attack, according to blockchain security analysts at Cyvers.
The incident unfolded in two separate transactions within a short three-hour window. The first unauthorized transfer saw $843,000 in USDT vanish from the victim’s wallet. Just hours later, an additional $1.75 million was siphoned off, totaling a massive $2.6 million in stolen funds.
🚨ALERT🚨Our system has detected~2.6M $USDT loss from a targeted address poisoning scam involving zero-value transfers. A single victim was repeatedly scammed by the same attacker address.
First, the victim lost 843K $USDT.
⏳ About 3 hours later, the same victim sent 1.75M… pic.twitter.com/WWVlrZvavK— 🚨 Cyvers Alerts 🚨 (@CyversAlerts) May 26, 2025
How the “Zero Transfer” Scam Works
What makes this scam particularly dangerous is the psychological and technical manipulation behind the so-called “zero transfer” method. Unlike traditional phishing attacks that attempt to obtain private keys or passwords, this tactic exploits users’ reliance on wallet interfaces and their trust in familiar-looking addresses.
In a zero transfer scam, attackers simulate a transaction from the victim’s wallet to a nearly identical but fraudulent address, yet with a transfer amount of zero. These zero-value transactions appear in the user’s transaction history and require no confirmation. Because the address appears alongside legitimate transfers and often matches the first and last few characters of the user’s known addresses, it can easily be mistaken for a trusted contact.
Once the fake address is unknowingly copied and used by the victim, actual funds are sent to the scammer’s wallet.
Address Poisoning on the Rise
The rise of zero transfer and address poisoning attacks marks an alarming trend in crypto fraud. Similar schemes earlier this year led to multi-million-dollar losses. In March alone, hackers netted $1.2 million through address poisoning scams. One victim on February 20 lost over $763,000 in a single transaction.
In response, security firms like Trugard and Webacy have been developing AI-powered tools to detect these tactics. Early testing of these systems has shown up to 97% detection accuracy, offering hope for improved protection moving forward.
Crypto Crime Grows—But So Does Oversight
Broader market data reveals the growing scale of crypto-related cybercrime. According to a recent report by Bitrace, high-risk addresses received a total of $649 billion in stablecoin transfers in 2024, a sharp increase that now represents over 5% of all stablecoin activity. Tether (USDT) transactions on the TRON network lead the charge, but Ethereum-based activity involving USDT and USDC is also climbing.
Online gambling platforms, another area of concern, saw $217.8 billion in stablecoin inflows last year, a 17.5% increase from 2023. Fraudulent addresses received over $52.5 billion in 2024 alone , more than in any previous year.
Despite the alarming statistics, there are signs of progress. Stablecoin issuers Tether and Circle collectively froze over $1.3 billion in 2024, double the total from the previous three years combined. Additionally, regulatory crackdowns in jurisdictions like Hong Kong are beginning to reduce inflows to suspicious wallets.
Still, with total damages from crypto hacks exceeding $3.83 billion in just over a year, the industry remains in a high-risk phase.
