Lessons From When the DEA Lost $55,000 in a Crypto Scam


According to reports, the US DEA fell for a crypto scam called address poisoning, losing stablecoins worth over $55,000 in the process. The incident serves as a reminder that the wild world of crypto will punish carelessness and unawareness. Address poisoning scams rely on haste to trick the wallet owner into sending cryptos to the wrong address. Fortunately, there are several ways to protect yourself against such scams.

No one is immune to crypto scams and thefts, not even the US Drug Enforcement Agency (DEA).


This month, it emerged that the US DEA fell for a crypto scam and lost stablecoins worth over $55,000. The incident serves as a reminder that the wild world of crypto will punish carelessness and unawareness, primarily through a deceptively simple scam.

How did the DEA get scammed? And how can you protect yourself? Let’s find out:


Raided via Address Poisoning

The US DEA fell for a crypto scam called address poisoning, which is on the rise in 2023.

It all started when the DEA seized tether (USDT) stablecoins worth over $500,000 from two Binance accounts in May 2023.

The accounts were suspected of being funded by illegal narcotics, as reported by Forbes. The seized funds were then stored in a Trezor hardware wallet controlled by the DEA.


Whenever US federal prosecutors seize assets (real estate, cash, crypto, etc.) from criminal activity, they forfeit it to the United States Marshals Service. This department is responsible for managing and selling seized assets.

The good and bad thing about cryptocurrencies and public blockchain networks is that all the transactions are transparent and public.

Anyone with an internet connection and the know-how can track transactions and available funds of a wallet address. Unfortunately for the DEA, a crypto scammer was doing precisely that.

Once the DEA had seized the $500,000 worth of tether, the agency prepared to send the stablecoins to the US Marshals Service.

First, as is good practice, the DEA conducted a test run by sending a nominal amount (about $45) to the US Marshals Service’s wallet address.

Observing the DEA-connected wallet’s blockchain activity, the scammer quickly created a wallet address to match the first five and last four characters of the US Marshals Service’s wallet address. 

The scammer then sent a cryptocurrency token from the fake address to the DEA-connected wallet. In doing so, the scammer created a transaction history on the DEA’s wallet, making it look like the US Marshals Service had sent the crypto.

The crypto thief hoped the DEA would use the fake address from the transaction history to send the rest of the funds to the scammer.

And the DEA did precisely that… Sending over $55,000 worth of stablecoin to the scammer’s wallet address.

The funds were moved away from the fake address by the time the authorities realized what had happened.

How Did the DEA Fall For the Scam?

Cryptocurrency wallet addresses are typically made up of 42 random alphanumeric characters, which makes them incredibly difficult to remember. Most crypto wallet users identify and verify addresses by only checking the first and last four characters of the address. 

Using vanity wallet address generators, scammers can create addresses matching the target wallet’s first and last characters. This is what happened in the US DEA crypto heist.

How Can You Protect Yourself from Such Attacks?

  • Awareness

Even reading this article may have raised your awareness, right? Awareness of the various types of crypto scams will keep you a step ahead of the defrauded.

Crypto scams range from social engineering attacks like email phishing and theft that rely on human habits – be cautious that “only checking the first and last digits” of a wallet is not enough to prevent a crypto hijack.

  • Take your time

Address poisoning crypto scammers look to take advantage of careless human behavior. The best way to protect yourself against address poisoning attacks is to check each character of the wallet address to which you are sending funds or set up a contact list, as suggested below.

  • Create a contact list

Centralized crypto exchanges and self-custodial wallets have features that allow users to save frequently used addresses or provide QR codes as a way to send contacts. This way, you don’t have to copy-paste the recipient’s wallet address whenever you want to send cryptos to them.

  • Use Ethereum Name Services

Ethereum Name Services (ENS) is a solution that converts 42 alphanumeric character-long wallet addresses to easy-to-remember usernames of your choice (as long as the username is still available). ENS also issues website domains. 

Using ENS usernames (e.g., alice.eth, bob.eth) eliminates the need to copy-paste and verify 42 alphanumeric character-long wallet addresses.

Self-custodial wallet Coinbase Wallet issues free ENS usernames that contain “cb.id” (e.g. alice.cb.id, bob.cb.id) at the end, making it easy and straightforward to send funds between Coinbase Wallet users. 

  • Delete suspicious tokens and NFTs

The public nature of crypto blockchains allows anyone to send you cryptocurrencies and NFTs to your wallet address. If you see a suspicious airdrop of tokens, you can ‘hide’ it in your wallet. You should not transfer or send the suspicious token to another account or a burner address to avoid triggering potentially malicious smart contracts tied to the tokens.

The Bottom Line

We have to cut the US DEA some slack. Anyone can become a victim of crypto scams, and it is important to stay humble, mindful, and curious. The crypto landscape is evolving at breakneck speed, and the scammers are becoming more technical and sophisticated daily.

If you are wondering if the DEA ever got their money back? According to Forbes, the scammer converted the stolen stablecoins into ethereum (ETH) and bitcoin (BTC) and moved the crypto to a new wallet.

The scammer is yet to be identified, but authorities have made up some ground in the investigation. They have identified two email addresses linked to Binance accounts that paid for the scammer’s gas fees.

Thankfully for the DEA, they realized soon enough to secure the rest of the $500,000.


Related Terms

Mensholong Lepcha

Mensholong Lepcha is a financial journalist specializing in cryptocurrencies and global equity markets. He has worked for reputed firms such as Reuters and Capital.com. Fascinated with blockchain technology, NFTs, and the contrarian school of investing, Mensholong has expertise in analyzing tokenomics, price movement, and technical details of Bitcoin, Ethereum, and other blockchain networks. He has also written articles on a wide range of financial topics including commodities, forex, central bank monetary policies, and other economic news.