On December 21, in response to the "50 million USDT phishing attack," the Ethereum Community Foundation issued a statement on the X platform, urging a halt to the practice of truncating addresses with ellipses (e.g., 0xbaf4b1aF...B6495F8b5). Address information needs to be displayed in its entirety; hiding the middle part of the address creates unnecessary risks. Currently, some UI options provided by certain wallets and block explorers also have security vulnerabilities, which are all solvable.
As previously reported, the phishing attacker generated an address with the first and last three digits identical and transferred 0.005 USDT to the victim's address. Then, when the whale made the actual transfer, it either copied the address directly from the recent transaction history, and all 50 million USDT was transferred to the similar address generated by the phishing attacker. The phishing attacker quickly converted this 50 million USDT into DAI (to prevent it from being frozen), and then used it all to buy 16,624 ETH. This ETH was then laundered through Tornado.
