In an embarrassing mishap, the US Drug Enforcement Agency (DEA) inadvertently transferred $50,000 worth of seized cryptocurrency to a scammer who has gathered vast sums in Ethereum over recent months.
Background:
Earlier in the year, the DEA had seized around $500,000 in Tether (a stablecoin tied 1:1 to the US dollar) from two Binance accounts linked to illegal drug transactions. This seized amount was securely stored in a DEA-controlled account within a Trezor hardware wallet at a reputedly “highly secure” location.
The Scam:
The trickster took advantage of a well-documented crypto scam. The opportunity presented itself when the DEA made a test payment of $45.36 in Tether to the US Marshals Service. The scammer quickly established a cryptocurrency address that eerily resembled the Marshals’ account by matching specific initial and final characters. The DEA, believing they were transferring to the Marshals, ended up sending over $55,000 to the scammer.
Investigation:
Following the detection of the fraudulent transfer, a joint investigation between the DEA, the Marshals, and the FBI was launched. The stolen amount was found to have been converted into Ethereum and shifted to a different wallet. The identity of the wallet owner remains undisclosed, but links were observed with two Binance accounts covering the scammer’s “gas fees.”
The investigators are currently looking into potential leads via two Gmail addresses linked to the Binance accounts. Analysis indicates the scammer’s wallet has witnessed heavy traffic, currently holding around $40,000 worth of Ether and seeing an influx of $425,000 since June. A large sum, $300,000, has recently been dispersed to seven wallets, making tracking even more challenging.
Significance & Future Steps:
This incident, involving the DEA, highlights the escalating trend of crypto scams. Scammers often exploit the common practice of users relying primarily on the first and last few characters of a wallet address. Advanced tools like Chainalysis’ Address Screening can help identify suspicious addresses, but it remains uncertain if the DEA uses such resources.
As digital crimes become more sophisticated, it’s imperative for agencies to step up their game, integrating advanced verification procedures and tools. This incident serves as a significant wake-up call, emphasizing the need for tighter cybersecurity protocols within law enforcement agencies. The ongoing investigation aims not just to apprehend the wrongdoer but also to strengthen security measures in response to the evolving threats of the digital age.
