- A crypto user lost $2.6 million in USDt on May 26 through two phishing attacks.
- Both attacks used zero-value transfers, exploiting trust in familiar-looking wallet addresses without needing keys.
- Trugard and Webacy launched an AI tool detecting address poisoning with 97% success in tests.
A crypto user fell victim to a double blow on May 26, losing $2.6 million in stablecoins through two separate phishing attacks just hours apart. The case, reported by blockchain security firm Cyvers, involved 843,000 USDt drained first, then another 1.75 million USDt nearly three hours later.
The attacker used a method called zero-value transfer, an advanced type of phishing that doesn’t require access to a user’s private keys. This approach makes the scam harder to detect and more dangerous than older tactics. In both incidents, the same trick was used, leading to a significant loss in a short span.
Zero-value transfers use the token “From” function to simulate transactions from a victim’s wallet to a deceptive address. Since no tokens are moved, the action gets recorded on the blockchain without needing the victim’s approval or signature. It creates a false trail, fooling users into believing the scammer’s wallet is familiar.
False Sense of Safety Leads to Real Losses
The visual presence of the scammer’s address in the victim’s transaction history can fool them. Believing they had used the address before, the victim sent real funds, not realizing they were delivering money straight into the scammer’s hands.
This method is seen as a more refined form of address poisoning. In older cases, scammers would send small crypto amounts from addresses crafted to resemble a victim’s real wallet, often matching the first and last few characters. That would set up the trap for future mistakes during transactions.
The idea behind both methods is simple: users often check only part of an address before sending funds or use clipboard history. Attackers take advantage of this habit and create custom addresses that blend in. In both styles, a single click can cost someone everything.
Growing Threats in Crypto Scams
Over $46 million vanished from Coinbase accounts in March 2025 due to phishing scams. The company has promised to cover some losses tied to a recent data breach that leaked user details. The industry is facing growing pressure to strengthen its defense systems.
Reports from the third quarter of 2024 showed that around 11,000 people fell for crypto phishing scams, with losses reaching $127 million by September. One of the worst cases involved a victim who lost $32 million just by signing a permit signature.
To counter these tactics, crypto security groups have been rolling out new detection tools. Trugard, a cybersecurity firm, and Webacy, an onchain trust protocol, recently launched an AI-driven tool to detect address poisoning. It was tested against real attack cases and scored a 97% success rate, giving some hope for safer transactions ahead.
Read More | Data Breach Fallout: Coinbase Sued Over Hidden UK Regulator Deal
