DEA gets duped: Agency loses $55K in address poisoning scam
Jesse Coghlan
The United States Drug Enforcement Administration has yet to find those responsible for the attack but has enlisted the help of the FBI.
The United States Drug Enforcement Administration — the agency tasked with enforcing the country’s drug laws — lost $55,000 in seized Tether (USDT) earlier this year at the hands of a scammer.
Forbes reported on Aug. 24 that in May, the agency seized over $500,000 worth of USDT from two Binance accounts it suspected of laundering money from drug sales as part of a multi-year investigation.
The funds were put in DEA-controlled Trezor crypto wallets and stored securely, according to a search warrant seen by Forbes. As part of standard forfeiture processing the DEA sent a test amount of just over $45 worth of USDT to the U.S. Marshals Service.
An on-chain sleuth picked up on the transaction and then quickly set up a crypto wallet with the same first five and last four characters of the Marshals account — a scam tactic known as “address poisoning.”
The scammer airdropped a token to the DEA’s wallet so that the spoofed address would appear as a recent transaction, thus tricking the owner into accidentally transferring funds to the wrong address.
"I almost got hit by an address poisoning scam.
Sent a second tx to someone just after the first, and was lazy and just copy pasted his address from my transaction history.
Yup, copy pasted the poison tx address.
Just before confirming, @Rabby_io informed me that I had never…" pic.twitter.com/XlHPTs8PZy — Nauhc (@nauhcner), April 18, 2023
The tactic worked against the DEA agent, who sent over $55,000 to the scammer.
By the time the Marshals noticed and alerted the DEA, who in turn asked Tether to freeze the funds, it was too late.
The USDT had already been swapped for Ether (ETH) and Bitcoin (BTC) and then shifted to different crypto wallets.
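A pre-send check for the look-alike pattern described above (same first five and last four characters, planted in the transaction history by an unsolicited transfer), as an added example that is not from the article or from any wallet's code. It assumes hex-style addresses compared case-insensitively; the history record fields, function names and sample addresses are hypothetical and constructed.

```python
"""Pre-send check for address-poisoning look-alikes (constructed data)."""

PREFIX_LEN = 5  # article: the spoof shared the first five characters ...
SUFFIX_LEN = 4  # ... and the last four characters of the real account


def normalize(addr):
    """Assumption: hex addresses, compared case-insensitively without '0x'."""
    addr = addr.strip().lower()
    return addr[2:] if addr.startswith("0x") else addr


def paid_before(history):
    """Addresses this wallet has actually sent funds to (outbound only)."""
    return {normalize(tx["counterparty"]) for tx in history
            if tx["direction"] == "out"}


def check_destination(dest, history):
    """Return 'trusted', 'lookalike' or 'unknown' for a proposed destination."""
    d = normalize(dest)
    known = paid_before(history)
    if d in known:
        return "trusted"
    for k in known:
        if d[:PREFIX_LEN] == k[:PREFIX_LEN] and d[-SUFFIX_LEN:] == k[-SUFFIX_LEN:]:
            return "lookalike"  # same visible ends, different middle: block the send
    return "unknown"  # never paid before: confirm the address out of band


# Constructed sample addresses and history, not real accounts.
REAL = "0x" + "a1b2c" + "0" * 31 + "9f3e"
SPOOF = "0x" + "A1B2C" + "7" * 31 + "9F3E"  # matches REAL only at the ends
STRANGER = "0x" + "d" * 40

HISTORY = [
    {"direction": "out", "counterparty": REAL, "token": "USDT", "amount": 45.0},
    # Unsolicited inbound transfer that plants the spoof in the history view.
    {"direction": "in", "counterparty": SPOOF, "token": "UNSOLICITED", "amount": 0.0},
]

if __name__ == "__main__":
    for label, addr in [("real", REAL), ("spoof", SPOOF), ("stranger", STRANGER)]:
        print(label, check_destination(addr, HISTORY))
```

Because only outbound transfers count as prior payments, an address that merely appears in the history through an inbound airdrop is never treated as trusted.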
The DEA, alongside the FBI, is investigating the incident and has yet to find who’s behind the attack. All they’ve found so far are two Binance accounts that paid the gas fees for the attacker’s wallet and that were registered using two Gmail email addresses.
It’s hoped Google has some information that can be used to nab the owner of the Gmail accounts.
The DEA did not immediately respond to a request for comment.