Earlier this year, the DEA (Drug Enforcement Administration) seized approximately $500,000 worth of Tether from two Binance accounts suspected of being linked to illicit drug transactions. The funds were securely stored in accounts controlled by the DEA and safeguarded in a high-security facility using a Trezor hardware wallet. However, their vigilance was compromised by a scammer who took advantage of a well-known cryptocurrency scam.
The Crypto Airdrop Scam
Closely monitoring the blockchain, the scammer identified a prime opportunity as the DEA conducted a test payment of $45.36 in Tether to the U.S. Marshals Service as part of their standard seizure procedure. Seizing the moment, the scammer swiftly set up a cryptocurrency address that mimicked the Marshals’ account by matching the first five and last four characters.
Exploiting the common practice of copying and pasting lengthy cryptocurrency addresses, the scammer used an “airdrop” technique to drop a token into the DEA’s account, making it appear as if the payment had been made to the Chief of Police. Consequently, the DEA mistakenly sent over $55,000 to the scammer in just one transaction.
Upon discovering the fraudulent transaction, the U.S. Marshals promptly alerted the DEA, initiating a joint investigation with the FBI.
Reportedly, the stolen funds were converted into Ethereum and transferred to a new wallet. While the identity of the wallet’s owner remains undisclosed, investigators noted that the two Binance accounts had paid “gas fees” to the scammer.
Following the On-Chain Trail
According to reports, analysis of the scammer’s wallet transactions revealed significant activity. The wallet currently holds nearly $40,000 worth of Ether and has received $425,000 since June.
Significantly, in the past three weeks, $300,000 has been distributed across seven different wallets, complicating efforts to trace the origin of the funds and apprehend the perpetrator.
The inadvertent loss of seized cryptocurrency by the DEA underscores the growing prevalence of cryptocurrency scams, often capitalizing on users’ reliance on the first and last characters of wallet addresses. While tools like Chainalysis’ Address Clustering exist to detect counterfeit addresses, it remains unclear whether the DEA actively employs such measures in handling cryptocurrency asset seizures.
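A verification step of the kind described above can be sketched as follows. This is an added example, not code from the DEA, Chainalysis or any wallet vendor: it compares a destination against a trusted address book in full and flags any address that only shares the first five and last four characters with a trusted entry. The function names, the address book and all addresses are constructed for illustration, and addresses are treated as opaque strings because the article does not name the chain.

```python
from dataclasses import dataclass
from typing import Optional

PREFIX_LEN = 5  # the article: first five characters matched
SUFFIX_LEN = 4  # the article: last four characters matched


def classify(candidate: str, trusted: dict[str, str]) -> tuple[str, Optional[str]]:
    """Return (verdict, label) where verdict is 'exact', 'lookalike' or 'unknown'."""
    for label, addr in trusted.items():
        if candidate == addr:  # only a full-string match is trusted
            return "exact", label
    for label, addr in trusted.items():
        # Case-folded so differently cased renderings of an address still collide.
        head = candidate[:PREFIX_LEN].lower() == addr[:PREFIX_LEN].lower()
        tail = candidate[-SUFFIX_LEN:].lower() == addr[-SUFFIX_LEN:].lower()
        if head and tail:
            return "lookalike", label
    return "unknown", None


@dataclass
class Transfer:
    sender: str
    recipient: str
    amount: float


def poisoned_history(history: list[Transfer], trusted: dict[str, str]) -> list[Transfer]:
    """History entries whose counterparty imitates a trusted address."""
    return [t for t in history
            if "lookalike" in (classify(t.sender, trusted)[0], classify(t.recipient, trusted)[0])]


# Constructed sample data: none of these are real addresses.
TRUSTED = {"marshals": "Ab3dE" + "x" * 25 + "9kZp"}
LOOKALIKE = "Ab3dE" + "q" * 25 + "9kZp"
OWN = "Zz9yW" + "m" * 25 + "0000"
HISTORY = [
    Transfer(OWN, TRUSTED["marshals"], 45.36),  # genuine test payment
    Transfer(LOOKALIKE, OWN, 0.0),              # airdropped token from the imitation
]

if __name__ == "__main__":
    for addr in (TRUSTED["marshals"], LOOKALIKE, OWN):
        print(addr, classify(addr, TRUSTED))
    print(poisoned_history(HISTORY, TRUSTED))
```

A "lookalike" verdict on a destination, or any flagged entry in the history, should block the payment until the full address is confirmed out of band.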
As cybercriminals continue to exploit vulnerabilities in digital systems, agencies must implement enhanced verification procedures and leverage advanced tools to combat the risks of criminal activity and fraud.
The investigation into this high-profile case is ongoing, with hopes of identifying and bringing the perpetrator to justice, while also advancing improved cybersecurity measures in law enforcement agencies.