A report by blockchain forensics firm AMLBot reveals that a delay in Tether's freezing mechanism for its USDT stablecoin has allowed malicious actors to exploit a loophole, resulting in over $78 million being lost since 2017. Tether blacklists addresses involved in illegal activities, yet a significant lag exists between the freeze request and its execution, creating a window of opportunity for illicit transactions. Notably, $49.6 million was reportedly withdrawn on the Tron network and $28.5 million on Ethereum during this delay. The issue stems from Tether's multi-signature protocol, requiring multiple approvals before a freeze takes effect. The complexity of this approval process could allow bad actors to move assets before the freeze is enforced. Security firm PeckShield confirmed the existence of the loophole, indicating that it is more of an operational challenge rather than a flaw in the smart contract itself, advocating for improvements to minimize the exploitability of this lag. As a result, there is concern that malicious entities may develop tools to monitor freeze requests and act before the freezes are executed.

Source 🔗