In a dramatic turn of events, the U.S. Drug Enforcement Agency (DEA) has been duped by a common cryptocurrency scam, resulting in the agency misplacing over $50,000 worth of crypto assets it had confiscated from a narcotics-related investigation by sending it to a fraudster’s account.
The DEA had been investigating the case for three years, which involved the suspects using two accounts on the Binance crypto exchange to funnel illegal narcotics proceeds in dollar-pegged Tether USD (USDT) stablecoins.
The officials uncovered the operation in May and seized over 55,000 USDT ($55,000) from the criminals. The funds were then transferred to a Trezor hard wallet controlled by the DEA that was stored in a secured facility.
DEA Falls For The Oldest Trick In The Crypto Scammer’s Book
Standard forfeiture processing requires the DEA to transfer seized assets to the United States Marshals Service. Since this case involved cryptocurrencies, the agencies conducted the transaction using digital wallets. The DEA first sent a test amount of 45.36 USDT to the U.S. Marshals’ crypto wallet to make sure the transaction lines were clear.
This was the moment that changed everything.
An eagle-eyed swindler was watching the transaction on the Ethereum blockchain, which gave him the idea to exploit the asset handing-over process.
They then initiated a widely popular crypto scam among criminals and fraudsters known as “address poisoning”, where the bad actor creates a fake wallet that has similar first and last characters as the target wallet.
Crypto wallet addresses are typically around 30 characters long and contain alphanumerical digits that are hard to memorize. As a result, people normally verify the first four and last five characters and just copy and paste the address instead of typing them out.
Scammer Airdrops USTD From Fake Address To The DEA Wallet
The crafty scammer generated a fake Tether wallet address, whose first four and last five digits matched the characters on the Marshals’ address. In an effort to trick the DEA into thinking the wallet belonged to the Marshals, the swindler, using the “airdrop” mechanism,
inserted the fake address into the DEA wallet logs by transferring back the same amount of USDT as the test transaction to make it look legitimate.
Airdrop is a legal crypto feature that allows an individual or entity to send portions of a cryptocurrency into another person’s wallet.
Usually, the mechanism is used by creators of a new cryptocurrency to promote their project by transferring a pre-determined amount of the tokens to wallet addresses registered for the airdrop.
But the facility is also taken advantage of by scammers who act as legitimate crypto websites and projects to trick crypto holders into mistakenly sending them funds.
In a never-before-seen case, the DEA fell for the hacker’s trick the first time and sent just over $55,000 to the fake address in a single transaction. The scam was only revealed after the Marshals found out what had happened and alerted the DEA.
The Hacker Cashed Out The Assets Before Federal Agencies Could Do Anything About It
The DEA immediately ordered USDT issuers Tether to freeze the scammer’s wallet so that they wouldn’t be able to withdraw the assets. But unfortunately, it was too late as the hacker had already cashed out the proceedings.
The agency, which has been working with the Federal Bureau of Investigation (FBI) to track the culprit ever since determined that the funds were converted into Ether (ETH) and Bitcoin (BTC) and shuffled through various wallets.
According to a warrant issued by the FBI, two Binance accounts were identified to have paid the scammer’s gas fees – transaction charges on the Ethereum network.
A key piece of information available to the FBI is that the crypto wallet accounts were created using two Gmail addresses. Law enforcement officials have since contacted Google in the hopes of being able to identify the scammer.
Looking at on-chain transactions, it is evident that the hacker’s wallet has been moving large amounts of ETH in recent months. At the moment, the wallet contains 24.21 ETH worth approximately $40,000.
However, the account has received a total of $425,000 in ETH since June, of which over $300,000 has been transferred to seven different wallets.
Cybercriminals Continue To Have The Upper Hand Over Law Enforcement
The event is just another example of how vulnerable crypto users are to scams and hacks that even federal agencies can become victims of. A momentary lapse of concentration can cause huge losses in the crypto world.
There are tools available in the market that can verify whether crypto addresses are legitimate and flag rogue wallets. However, it is not clear if the DEA has been using such mechanisms for its crypto-related operations.
Speaking to Forbes, Jake Moore, the global security advisor at cybersecurity firm ESET, said the event was a harsh reminder of how important it is to verify everything and “have a further pair of eyes” to confirm transactions involving large sums of money.
He also warned that cybercriminals continue to have an upper hand when it comes to digital crime and fraud and law enforcement needs to step up their game.
Federal Agencies Set Up Crypto Task Force To Combat Cyber Criminals
In June, The DEA and other federal agencies including the Homeland Security Investigations (HSI), the U.S. Attorney’s Office, the Internal Revenue Service (IRS) Criminal Investigations, and the U.S.
Postal Inspection Service joined forces to establish the Darket Marketplace and Digitial Currency Crimes Task Force. The crypto task force will use advanced tools and mechanisms to “disrupt and dismantle” criminal organizations that exploit the Web3 space and obscure the darknet.
Just in the past year, Homeland Security Investigations seized close to $4 billion in cryptocurrency from illicit activities, which if anything to go by, says how important it is to crack down on cybercriminals using the crypto space to conduct their operations.