Hackers Exploit Tether Delay to Snag $78M in USDT
Tether’s wallet blacklisting system just got exposed for having a major weak spot — and hackers were quick to take full advantage.
A new report from blockchain compliance firm AMLBot, released on May 15, reveals that over $78 million in USDT was successfully moved by criminals before Tether could freeze their wallets. The key issue? A lag in it’s two-step blacklist system.
Here’s how it works: Tether first publishes a public “warning” on-chain when a wallet is flagged, but the actual freeze comes later. That delay — sometimes up to 45 minutes — is all attackers need to make a clean escape.
In one case shared by AMLBot, the warning hit at 11:10 UTC, but the wallet wasn’t frozen until 11:54 UTC. That’s nearly an hour for the hacker to move funds — and they did.
Between Ethereum and Tron, $28.5M and $49.6M respectively were funneled out of flagged wallets from 2017 to 2025. Out of 3,480 wallets flagged on Tron, 170 managed to beat the system, each moving close to $292K before the freeze kicked in.
“This isn’t just a tech bug — it’s a playbook for bad actors,” AMLBot warned. Hackers can now monitor Tether’s blacklist signals in real time and act fast.
Tether pushed back on the claims, saying the lag doesn’t mean the system is broken. It highlighted ongoing collaboration with 255+ law enforcement agencies across 55 countries and mentioned that $2.7B in USDT has already been frozen.
Still, they admit there’s room for improvement — and say they’re working to tighten the gap.
YOU MIGHT ALSO LIKE: Breaking !Coinbase’s 1,000-Job Offer: A Fresh Start for DOGE Task Force Veterans
