DEA’s Mishandling of Seized Crypto Results in Scammer Getting $50,000
According to an August 24 Forbes report, the Drug Enforcement Administration (DEA) recently made a costly and embarrassing mistake in the handling of cryptocurrency seized during a narcotics investigation. Federal agents fell victim to a relatively common “address poisoning” scam.
In May, the DEA confiscated over $50,000 worth of Tether (USDt), a dollar-pegged stablecoin, from two Binance accounts suspected of laundering drug money. While processing the seizure, the agency sent a test transaction of $45.36 to the US Marshals Service’s cryptocurrency wallet address, according to the Forbes story.
An Embarrassing Blunder for the DEA
However, a crafty scammer noticed this transaction on the public blockchain ledger. The scammer generated a fake Tether address that matched the first and last characters of the marshals’ real address.
The scammer then tricked the DEA by using an “airdrop” to insert this fake address into the agency’s cryptocurrency wallet. Believing the deposited address belonged to the Marshals Service, the DEA mistakenly wired over $55,000 in Tether to the fraudster’s own account.
The funds were promptly drained, converted into Ether (ETH) cryptocurrency, and shuffled through various wallets.
Despite the DEA’s blunder, inflows to illicit addresses are down in the first half of the year. Source: Chainalysis
“Address Poisoning” Relies on Carelessness
The scam, known as “address poisoning,” is already an established trick among criminals and fraudsters. It relies on the fact that most crypto users only check the first and last characters of a wallet’s address.
Matching the long string of letters and numbers is a tedious task, even for the most disciplined of us. This simple trick relies on our common aversion to drudgery—doing it simply isn’t very much fun.
The DEA and other federal agencies are supposed to be the ones protecting us from fraudsters. Yet a crude, common trick hoodwinked the feds and led to the loss of a fortune.
The DEA’s failure to safeguard the seized cryptocurrency is even more embarrassing considering the agency recently launched a task force focused on cryptocurrency crimes.
On June 15, the DEA joined other federal agencies to form the Darknet Marketplace and Digital Currency Crimes Task Force. If May’s blunder is anything to go by, the extra expertise is much needed.