Crypto Investor Loses $2.6 Million in ‘Zero Transfer’ Scam

A user lost $2.6 million in USDT due to two phishing attacks carried out by fraudsters within three hours, according to analysts at Cyvers.

?ALERT?Our system has detected~2.6M $USDT loss from a targeted address poisoning scam involving zero-value transfers. A single victim was repeatedly scammed by the same attacker address.

First, the victim lost 843K $USDT.
⏳ About 3 hours later, the same victim sent 1.75M… pic.twitter.com/WWVlrZvavK

— ? Cyvers Alerts ? (@CyversAlerts) May 26, 2025

The first transaction amounted to 843,000 USDT, and three hours later, the criminals obtained another 1.75 million USDT. They employed a ‘zero transfer’ mechanism. The fraudsters simulated sending tokens from the victim’s wallet to a fake address, but the transaction amount was zero.

Such operations do not require confirmation with a private key but appear in the transfer history. The user mistakes the fake address for a trusted one and sends real funds to the fraudsters.

The ‘zero transfer’ tactic is a new method of ‘poisoning’ crypto addresses. This type of fraud involves attackers sending small amounts to the victim from an address similar to the real one. Typically, the first and last characters of the wallet match—these are the ones users most often check before sending funds.

The aim of the attack is to trick the victim into transferring funds to the fraudsters’ address. Generally, those who copy the address from the transaction history fall for this.

Back in March, ‘poisoning’ crypto addresses netted hackers $1.2 million in three weeks. On February 20, one victim lost $763,662.

To combat ‘poisoning,’ companies Trugard and Webacy developed an AI system to detect attacks. Tests showed 97% accuracy.