Prioritizing User Fund Security

WLFI emphasized that the security breaches were not caused by the platform or its smart contracts. Attackers accessed wallets through third-party security failures. In September, impacted wallets were frozen and owners were asked to re-complete KYC verification to confirm their identity.

Throughout the process, protecting user funds remained the top priority. The team tested new smart contract logic to ensure safe reallocation of funds. While the procedure took time, security was prioritized over speed.

New Smart Contracts and Fund Reallocation

The new smart contract logic was specifically designed for bulk fund reallocation. Users who complete the required KYC verification will be able to securely access their funds. Wallets of users who have not yet completed the verification process remain frozen, but they can initiate verification through WLFI’s help center.

By implementing these measures, WLFI ensures both regulatory compliance and maximum protection for user funds. The platform reiterated that the attacks stemmed from external vulnerabilities, not the WLFI network itself.

Important Information for Users

• Affected users will have funds reallocated to new wallets after completing KYC verification.

• Users who have not verified their identity can start the process via the support center.

• The new smart contracts ensure secure bulk fund transfers for all verified users.

WLFI continues to update users and prioritize platform security while maintaining trust and regulatory standards.

You can also freely share your thoughts and comments about the topic in the comment section. Additionally, don’t forget to follow us on our Telegram, YouTube, and Twitter channels for the latest news and updates.

The post Is the WLFI Network at Risk? User Wallets Secured appeared first on Coin Engineer.

Crypto scams have been rapidly increasing recently. In particular, the zero-value transfer phishing method is threatening investors. In this method, scammers manipulate users’ wallet histories with zero-value token transfers. Users, mistaking fake addresses for legitimate ones, accidentally send their assets to scammers.  

An investor fell victim to two separate zero-value transfer scams within three hours, losing 843,000 USDT and 1.75 million USDT. According to Cyvers’ report dated May 26, 2025, this method employs a sophisticated onchain phishing tactic. Scammers exploit the token transferFrom function to add zero-value transactions to wallets, causing users to copy incorrect addresses. Additionally, between 2022 and 2024, 270 million address poisoning attempts were detected on Ethereum and BNB Chain. Of these, 6,633 were successful, resulting in losses of 83.8 million dollars.  

ALERTOur system has detected~2.6M $USDT loss from a targeted address poisoning scam involving zero-value transfers. A single victim was repeatedly scammed by the same attacker address.

First, the victim lost 843K $USDT.
About 3 hours later, the same victim sent 1.75M… pic.twitter.com/WWVlrZvavK

— Cyvers Alerts (@CyversAlerts) May 26, 2025

Address Poisoning and Security Measures  

Address poisoning is another method frequently used by scammers. In this technique, scammers create fake addresses that closely resemble legitimate wallet addresses. For example, they mimic the first and last characters of an address to deceive users. In one incident, an investor sent 71 million dollars’ worth of Wrapped Bitcoin to a fake address, but the scammer returned the funds. However, in similar cases, losses are often unrecoverable.

According to CertiK’s 2025 report, phishing attacks in 2024 caused losses exceeding 1 billion dollars. Users should carefully verify addresses before transactions. Using hardware wallets, enabling two-factor authentication, and updating software only from trusted sources enhance security. Additionally, conducting small test transactions can prevent significant losses.  

For instance, Scam Sniffer reported a 771,000-dollar loss due to address poisoning in February 2025. Users should regularly check their wallet histories and report suspicious transactions.  

Crypto Scam: 20 Million USDT Theft  

In a notable case, on August 1, 2023, a scammer successfully stole 20 million USDT through a zero-value transfer phishing attack. According to PeckShield’s report, the victim (wallet address: 0x4071…9Cbc) intended to send funds to 0xa7B4BAC8f0f9692e56750aEFB5f6cB5516E90570. However, the scammer used a similar fake address (0xa7Bf48749D2E4aA29e3209879956b9bAa9E90570) to deceive the investor. After the investor sent 10 million USDT from Binance to another address, the scammer intervened, manipulating the transaction history with a fake zero USDT transfer. As a result, the victim sent 20 million USDT to the scammer’s address.

Tether blacklisted the fake address approximately one hour after detecting the scam. This swift response drew attention in the crypto community. ZachXBT questioned Tether’s speed, suggesting that a “serious player” might be behind the incident. This event highlights that zero-value transfer scams caused over 40 million dollars in losses in 2023.  

You can also freely share your thoughts and comments about the topic in the comment section. Additionally, don’t forget to follow us on our Telegram, YouTube, and Twitter channels for the latest news and updates.

The post Crypto Fraud Alert: 20M USDT Missing in Scam appeared first on Coin Engineer.

Changpeng Zhao (CZ), the founder of Binance, issued a serious warning to crypto users in a post on the social media platform X. He highlighted an increase in phishing attacks and urged users to take immediate precautions against these threats. 

Scammers often impersonate fake support representatives to steal user information. CZ emphasized that passwords should never be shared with anyone. Genuine support teams never ask for passwords. He also advised against clicking on links received via email. Users are recommended to type the URL directly into the browser to access sites. This method can prevent most phishing attacks. 

Password Security and Password Managers 

Binance’s CZ stated that the same password should not be used across different platforms. Each site should have unique and strong passwords. Password managers offer extra protection by recognizing fake domain names. These small but crucial steps can prevent significant losses. CZ said, “Use unique passwords for each platform. Password managers make this process easier.” 

Two-Factor Authentication and Hardware Keys 

CZ recommended hardware-based 2FA to enhance security. Physical security keys like Yubikey significantly reduce phishing attacks. These keys verify that the person logging in is really you. Research by Binance on users in Asia supports CZ’s words. According to data, 80% of users use two-factor authentication. However, the use of advanced security tools remains low. 

For example, only 21.5% use phishing prevention codes, and just 17.6% use IP whitelisting features. These figures indicate the need for users to develop more conscious security habits. 

Coinbase Incident and Increasing Threats 

Last week’s Coinbase incident revealed the seriousness of the threats. Some overseas support staff accepted bribes to gain access to customer information. This showed that not only technical but also human vulnerabilities pose significant risks. The crypto ecosystem is becoming increasingly complex day by day. The type and frequency of cyberattacks are rising. Therefore, users must not remain passive. It is important to remember that security is not only the responsibility of companies. 

You can also freely share your thoughts and comments about the topic in the comment section. Additionally, don’t forget to follow us on our Telegram, YouTube, and Twitter channels for the latest news and updates.

The post Binance CZ Urgent Crypto Security Warning appeared first on Coin Engineer.