Crypto User Loses 3M USDT in Phishing Attack, Sparking Debate Over Tether’s Responsibilities

A crypto user lost over $3 million in USDT on Tuesday, Aug. 5, after unknowingly giving malicious actors access to their wallet. The incident reignited the ongoing debate over the risks of self-custody, as well as over the ability of stablecoin issuers like Tether to freeze tokens — with some calling for intervention and others warning it could undermine crypto’s core principles.

Per on-chain data from Etherscan, it appears that the victim mistakenly signed a malicious transaction, which gave authorization to the attacker to then initiate subsequent transactions and drain a total of 3.05 million Aave Ethereum USDT (AETHUSDT), worth about $3 million, from the victim’s wallet.

AETHUSDT is an Ethereum-based, yield-bearing token that represents deposits of USDT in top DeFi lending protocol Aave.

It is possible that the scammers created a fake spoofing site that looks like Aave, which the victim simply clicked on, or connected their wallet to. Just yesterday, on-chain security firm PeckShieldAlert reported that ads for fake Aave lookalike sites are popping up at the top of Google search results for the DeFi protocol.

Aave users are likely being targeted because the protocol’s total value locked (TVL) has surged to new all-time highs year, growing 42% in July alone to reach over $60 billion. The next-largest lending protocol, Morpho, has $9.52 billion in TVL.

The incident underscores the ongoing risk of phishing scams and spoofing in web3, where a single mistake can result in the loss of funds. Despite growing awareness, attackers continue to take advantage of convoluted wallet interfaces and limited user understanding.

“Stay alert, stay safe. One wrong click can drain your wallet,” data platform Lookonchain cautioned in a post on X (formerly Twitter) reporting on the incident. “Never sign a transaction you don’t fully understand. Double-check the URL, double-check all signature requests. Verify contract addresses from official sources.”

Eternal Debate

The situation quickly reignited a debate around Tether’s ability to intervene in such cases. As the issuer of USDT, Tether has the technical capability to freeze stolen USDT, but historically has only done so at the request of law enforcement authorities.

Some users replied to Lookonchain’s post calling for the attacker’s address to be blocked, arguing that theft warrants intervention.

One popular crypto account (@guyontheearth) wrote: “@Tether_to should be sorting this man out. They have the ability to do so. Why are they still allowing scammers to take millions. Shut them down.”

However, others believe that blocking addresses goes against the idea of crypto being open to everyone and worry it could cause problems if it’s not done fairly every time. For example, X user Schoad (@buythedipagain) argued that banks don’t help users if they willingly transfer money to a scammer, so Tether doesn’t need to either.

“If you start refunding such transactions, it would get exploited by people claiming they got scammed,” the user said. They added that anyone dealing with large sums should be careful before signing transactions and suggested that those who don’t may have been rushed and can afford the loss.

Tether did not immediately respond to The Defiant’s request for comment.

Self-Custody Pros and Cons

The incident also resurfaces the ongoing debate around the risks of self-custody, a core principle of DeFi. Supporters say controlling your private keys — instead of letting a centralized entity like an exchange custody your crypto — offers greater control, privacy, and protection from platform failures or government interference.

However, self-custody also comes with risks, as users are solely responsible for securing their wallets and recovery phrases. That means there’s no customer service to help a user out if they fall for scams, or send assets to the wrong address, or — as was possibly the case this time — simply clicking on a malicious link that ends up getting access to their self-custody crypto wallet.