The Tale of a Crypto Whale’s Narrow Escape from a Phishing Scam
A crypto whale narrowly avoided a $129 million USDT loss after falling victim to a phishing scam on the TRON blockchain.
Incident Report
Blockchain security firm Scam Sniffer reported the incident on Nov. 20, detailing how the stolen funds were unexpectedly returned within hours.
What Happened?
According to the firm, the scammer used a fake wallet address, “THc…bu8,” crafted to closely resemble the intended recipient’s “TMS…bu8.” The fraudulent address mimicked the original by matching its starting and ending characters.
Despite testing the waters with a test 100 USDT transaction, the victim could not spot the subtle differences and eventually transferred $129 million to the wrong address.
Surprisingly, the fraudster returned 90% of the stolen funds—116.7 million USDT— within an hour of the incident and eventually returned the remaining balance of 12.96 million USDT after four hours.
Following the fund return, the victim promptly redirected the funds to their original destination, “TMS…bu8,” where they have since remained.
The Rising Threat of Address Poisoning Attacks
Scam Sniffer identified this incident as a classic example of an address-poisoning attack, a phishing tactic gaining widespread traction in the industry.
This scam involves creating wallet addresses nearly identical to those used by victims, differing by just one or two characters. Fraudsters then send small token amounts to victims, embedding the fake address in their transaction history to exploit copy-and-paste errors during future transfers.
CertiK, another blockchain security firm, noted that this phishing tactic, along with wallet drainers, has led to the loss of more than $800 million worth of crypto assets this year.
Due to this, Yu Xian, founder of web3 firm Slowmist, cautioned crypto users about the risks of copying sensitive information. He advised clearing clipboard data after use to avoid falling prey to such scams. Xian emphasized that no connected device is entirely secure, reinforcing the need for vigilance in safeguarding digital assets.
Observers stated that this case further emphasizes the evolving sophistication of crypto phishing scams and highlights the importance of double-checking wallet addresses before making transfers.