The same federal agency that once helped bring down the biggest crypto-based dark web drug marketplace Silk Road got swindled by one of the oldest tricks in the crypto scammer playbook. The U.S. Drug Enforcement Administration reportedly handed a fraudster a little more than $55,000 in confiscated crypto funds after it was duped by a classic airdrop phishing scam.
Forbes first reported on a warrant put out by the FBI investigating the scam. Those funds were stored in a Trezor crypto wallet, a more secure kind of crypto storage than an exchange-based wallet. The funds were further secured inside a “secure facility.” However, since all transactions are public on the blockchain, a scammer noticed when the DEA sent a test amount of $45.36 in Tether to a wallet owned by the U.S. Marshals.
The alleged scammer then performed what’s known as an airdrop scam. Essentially, the fraudster created a new address with the first five and last four digits of the Marshals’ account. Each crypto wallet has a unique address that’s about 30 characters long. Then, the fraudster sent, or “airdropped” some Tether into the DEA’s account, which shows up as looking like it came from the marshal’s address.
This works because the two accounts seem similar, so any layperson who only looks at the first few and last few characters to confirm will simply copy and paste the whole address rather than type it out. Trezor actively warns its users against airdrop scams, though in most cases, fraudsters want to access the wallet’s entire balance through a website link. These scams usually work against users investing in a new coin drop, but eagle-eyed fraudsters looking at crypto addresses might get lucky with a quick phishing attack, as they did here.
Amid the confusion, the DEA ended up sending funds to the fake marshal’s address, and by the time the two separate Department of Justice agencies realized what had happened, the funds had already been moved out of the scammer’s account.
Gizmodo reached out to the DEA, but we did not immediately hear back. The FBI declined to comment on the investigation.
The $55,000 sent to the fraudulent account was supposedly from a pool of $500,000 worth of Tether, a so-called stablecoin pegged on a 1-to-1 ratio with the U.S. dollar. Feds seized the crypto from two Binance accounts suspected of funneling money from drug sales back in May, according to the report.
According to Forbes, the FBI reportedly determined that the alleged scammer converted the funds into both ether and bitcoin and transferred them to a new wallet. Those accounts were connected to two crypto wallets on Binance. The FBI is apparently trying to track down more information about two Gmail accounts linked to those wallets. Forbes reported that the supposed scammers’ wallet IDs have been rapidly moving money between multiple different accounts.
The DEA has made other arrests surrounding drugs and crypto in recent months, though the agency does have one or two black spots when it comes to past crypto investigations. Former DEA agent Carl Force pled guilty back in 2015 for trying to extort the founder of Silk Road, Ross Ulbricht, into paying $50,000 for information into the agency’s investigation of the dark web platform.