DEA Lost $55,000 in Entry-level Crypto Scam

  • The DEA lost $55,000 in a cryptocurrency scam earlier this year when scammers exploited the agency’s reliance on partial cryptocurrency addresses
  • Scammers used an “airdrop” technique to deceive the DEA into sending funds to a fake address that resembled a legitimate one
  • Working with the FBI, the DEA traced the converted funds to an ether wallet associated with Binance accounts and a Gmail account

The US Drug Enforcement Administration (DEA) fell victim to an entry-level cryptocurrency scam, resulting in a loss of more than $55,000, after the agency failed to check the recipient address. Forbes has revealed that the incident occurred after the DEA seized around $500,000 in USDT from two suspected illegal narcotics accounts on Binance. These funds were stored in a secured facility under the DEA’s control, but a cunning scammer was able to manipulate those in charge into sending $55,000-worth to a fake address linked to themselves.

First and Last Characters Spell Doom

The scammer was able to take advantage of a common vulnerability in cryptocurrency transactions: the reliance by some on the first and last few characters of cryptocurrency addresses. When the DEA sent a test payment of $45.36 in USDT to the United States Marshals Service, the scammer promptly set up a fake cryptocurrency address that matched the beginning and end of the Marshals’ legitimate address.

This deceptive technique aimed to trick the DEA into believing the scammer’s address was the Marshals’ actual account. The scammer initiated an “airdrop” into the DEA’s wallet, making it appear as if the test payment had been sent to the Marshals. Airdrops are often used to distribute new tokens but can be exploited for scams.

The scammer’s ploy succeeded, as the DEA inadvertently transferred over $55,000 to the scammer’s address in a single transaction. Upon discovering the issue, the Marshals alerted the DEA, which then contacted Tether to freeze the scammer’s account. Unfortunately, the funds had already been converted into ether and moved to a different wallet.

Individual Has Likely Been Identified

Working alongside the FBI, the DEA traced the converted funds to an ether wallet associated with two Binance accounts that had been covering the scammer’s gas fees. These Binance accounts had been registered using Gmail addresses, leading investigators to hope that Google might possess identifying information about the users. It appears that this element of the investigation is ongoing, but no announcement has been made on an arrest.

The scammer has been actively transferring significant sums of ether in recent months, accumulating around $40,000 in their wallet and receiving $425,000 since June. This incident highlights the vulnerability of cryptocurrency users to “airdrop” attacks, where scammers capitalize on users’ tendency to focus on the first and last characters of addresses.

While cybersecurity tools like Chainalysis’ Address Screening can help detect fraudulent addresses, it’s not clear whether the DEA employs such tools for managing seized cryptocurrency assets. The incident is a reminder not to rely only on the first and last digits of an address, but to check some middle sections too.
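
The check described above, as an added example that is not from the original article: a destination is accepted only when the whole string equals a vetted address, and any address that shares just its first and last characters with a vetted one is flagged. The addresses, the four-character edge length and all function names are constructed for illustration, and hex-style, case-insensitive addresses are assumed.

```python
# Added example. All addresses below are constructed, not values from the incident.
EDGE = 4  # characters shown at each end by a truncating wallet UI (assumption)

def normalize(addr):
    """Lower-case and drop an optional 0x prefix; assumes hex-style addresses."""
    a = addr.strip().lower()
    return a[2:] if a.startswith("0x") else a

def edges_match(a, b, n=EDGE):
    """True when two addresses share their first and last n characters."""
    a, b = normalize(a), normalize(b)
    return a[:n] == b[:n] and a[-n:] == b[-n:]

def check_destination(dest, address_book):
    """Classify dest against vetted addresses: trusted, lookalike or unknown."""
    for label, good in address_book.items():
        if normalize(dest) == normalize(good):   # full-string comparison
            return ("trusted", label)
    for label, good in address_book.items():
        if edges_match(dest, good):              # same ends, different middle
            return ("lookalike", label)
    return ("unknown", None)

def lookalikes_in_history(counterparties, address_book):
    """Counterparties in wallet history that imitate a vetted address."""
    return [c for c in counterparties
            if check_destination(c, address_book)[0] == "lookalike"]

GOOD = "0x" + "a1b2" + "0" * 32 + "c3d4"    # vetted recipient (constructed)
FAKE = "0x" + "a1b2" + "f" * 32 + "c3d4"    # same ends, different middle (constructed)
OTHER = "0x" + "9" * 40                     # unrelated address (constructed)
BOOK = {"vetted-recipient": GOOD}

if __name__ == "__main__":
    # GOOD and FAKE print the same truncated form but get different verdicts.
    for addr in (GOOD, FAKE, OTHER):
        print(addr[:6] + "..." + addr[-4:], check_destination(addr, BOOK))
    print(lookalikes_in_history([GOOD, FAKE, OTHER], BOOK))
```

Run against wallet history before a payment is approved, the same function surfaces a look-alike counterparty that an airdrop has placed next to the genuine test payment.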
