$2.5M Vanishes in Double Crypto Phishing Scam

The fraud utilised a tactic known as “zero value transfer.” This subtle on-chain cheating has grown in both frequency and refinement.

According to blockchain security company Cyvers, the attacker first steered the victim to send $843,000 worth of Tether (USDT). Just a few hours later, the same victim sent an additional $2.6 million USDT without her knowledge. At this point, we have now become the same spoofed wallet address that was used in previous attacks. This one-two punch is a case of an “address addiction” textbook, and is a deceptive trick that manipulates transaction history to gain misguided trust.

How Zero Value Fishing Works

At the heart of this scam is a clever abuse of how crypto wallets display transaction history. The attacker uses to initiate a transaction transfer Token Contract Features, Send zero Tokens into the victim’s wallet from appearance or spoofed address. Blockchain doesn’t require victim signatures because funds are not moving, but transactions still appear in history.

AlertsOur system detected approximately 2.6m $ usdt Loss from target address addiction fraud, including zero value forwarding. One victim was repeatedly scamned by the same attacker’s address.

First, the victim lost 843k $ usdt.
About three hours later, the same victim sent 1.75m… pic.twitter.com/wwvlrzvavk

– Cyber ​​Alert (@cyversalerts) May 26, 2025

If the victim then wants to transfer the actual funds (for example, to a reliable address). That’s where the traps gush out. The attacker receives real funds, leaving the victim with catastrophic losses. This tactic has gained traction.

Crypto Hack Details

In 2021, a crypto investor named Brian lost $78,000. That was after falling into a sophisticated crypto phishing scam that included fake ledger devices. Despite following all security best practices, he received a presumably counterfeit “exchange” ledger in the mail due to past data breach.

This ledger can steal your money

Brian did everything right: cold wallet, secure setup, no phishing.

However, a fake “exchange” ledger ejected the code in a few minutes.

Here’s how fraud works and how to protect your encryption pic.twitter.com/cqkimzmg6n

– nonzee (@0xnanceense) May 25, 2025

The device was preloaded with malware and tricked him into entering a recovery phrase. This scam is rooted in social engineering and stolen customer data. It shows that even cold wallets are not entirely difficult without proper verification procedures.

Disclaimer

The information discussed by Altcoin Buzz is not financial advice. This is for educational, entertainment and information purposes only. An information or strategy is an idea or opinion related to the accepted level of risk tolerance of the writer/reviewer, and those risk tolerances may differ from yours. We are not liable for any losses that may arise due to investments that are directly or indirectly related to the information provided. Bitcoin and other cryptocurrencies are risky investments, so do due diligence. Copyright Altcoin Buzz Pte Ltd.

The $2.5 million loss in double crypto phishing scam first appeared on Altcoin Buzz.