SCAMSSECURITY

ZeroTransfer scam alert! Cryptocurrency wallet addresses cannot be trusted based solely on the beginning and end. Zhao Changpeng CZ warns: Binance almost scammed for $20 million, Zero U address poisoned.

share
ZeroTransfer scam alert! Cryptocurrency wallet addresses cannot be trusted based solely on the beginning and end. Zhao Changpeng CZ warns: Binance almost scammed for $20 million, Zero U address poisoned.

On 8/2, Binance CEO Changpeng Zhao, also known as CZ, warned the crypto community about the increasing prevalence of scams related to wallet addresses. Users are advised to carefully verify the address and its contents when making transfers, rather than just confirming the beginning and end of the address. However, scams related to exchanges are not new, as there have been instances of individuals falling victim to phishing attempts through official Coinbase emails and phone calls, with the number of victims continuing to rise.

ZeroTransfer Scam: Beware of Zero U Address Spoofing! Zhao Changpeng Warns: Binance Almost Scammed for $20 Million

CZ mentioned receiving a tip-off from an experienced operator at a crypto company that scammers were able to trick the operator into mistakenly sending $20 million by generating similar addresses that the operator frequently interacted with. Fortunately, the loss was averted through immediate action.

The scammers first create addresses that resemble the user's frequently interacted wallet addresses, with similar starting and ending characters, then send small transactions to the user. This tactic tricks users into copying the address when sending cryptocurrency later, mistakenly sending funds to the scammer.

The scammers match the starting and ending letters of the address to what most people check when making crypto transfers. However, many wallets hide the middle part of the address with "…".

Binance Scam Technique: Zero-Value Token Transfer Attack Zero U Address Spoofing

Twitter user @HshHah345 revealed that a scammer using ZeroTransfer from within Binance managed to scam $20 million USDT, but the transaction was blocked by Tether, and the address was blacklisted. The user also noted the irony that Binance, which employs manual fund aggregation, fell victim to such an address scam.

@HshHah345 mentioned that it seems the scammers did not monitor their phishing address, or else they could have quickly converted the money into other ETH to evade Tether's control.

What is ZeroTransfer Zero-Value Token Transfer Attack?

ZeroTransfer, short for Zero-Value Token Transfer Attack, is a fraudulent technique where attackers impersonate Ethereum addresses by using the first and last few characters matching the victim's address. This deception fools targets into believing they are interacting with familiar addresses and sends funds to the attacker's wallet.

Coinbase Official Email Spoofing?

A similar incident occurred at Coinbase, the largest cryptocurrency exchange in the US. In the past six months, there have been numerous phishing cases involving reset emails and 2FA verification. As early as November last year, a crypto influencer scottlewis.canto experienced this firsthand.

This is a new form of phishing scam where scammers send password reset requests through Coinbase's official email and SMS verification codes for 2FA to my phone. Subsequently, a call with a displayed area code claiming to be a Coinbase staff member and another email requesting SMS verification code to confirm identity was received.

scottlewis.canto realized this was a scam due to not having set up 2FA and recognizing the low security of email verification for identity confirmation. While most users may not be aware of this, he documented the incident to raise awareness for self-security.

Even Official Emails Can't Be Fully Trusted

Another user Daniel Mason highlighted some characteristics to help users identify phishing attempts and promptly reset passwords and 2FA verification upon encountering such scams.

  • Uses a legitimate local phone number
  • Native English speaker
  • Sends official emails from [email protected]
  • Phishing with real Coinbase domain URLs
  • Knows the user's US social security number, driver's license number, and address

Reportedly, some users suffered significant losses due to these scams, with one losing 13.85 BTC.