TLDR
- Tether’s freeze delay let $78M move from blacklisted wallets on Ethereum and Tron.
- Tron’s 60-minute freeze lag enabled $49.6M in illicit withdrawals.
- Bots alerted wallets on Ethereum, allowing $28.5M to escape freezes.
- Vulnerability is in freeze timing, not the contract, experts say.
- Tether is improving freeze speed after freezing $2.7B in suspicious funds.
A recent report has exposed a critical vulnerability in Tether’s freeze mechanism, allowing illicit actors to bypass enforcement. Blockchain analytics firm AMLBot revealed that 170 wallets exploited the time lag in freezing actions. This gap enabled the movement of nearly $78 million across Ethereum and Tron networks before blocks took effect.
Tron Network Enables $49.6M in Illicit Withdrawals
AMLBot’s analysis showed that Tether’s freeze mechanism on Tron suffers from an operational lag due to its multi-signature governance. This structure requires multiple approvals before a freeze is enforced, creating a delay window of up to 60 minutes. During this window, wallet owners move funds out before the enforcement locks the assets.
Researchers confirmed that 170 out of 3,480 blacklisted wallets took advantage of the time gap, each making up to three transactions. The average withdrawn amount reached $291,970 per wallet, while the median was $65,370. Most exploiters used real-time monitoring to detect freeze requests and acted before completion.
The report noted that $49.6 million was successfully withdrawn from the Tron network by accounts flagged for suspicious activity. While Tether’s contract design secures against unilateral actions, it introduced the vulnerability. AMLBot stated that criminals used automated tools to monitor Tether’s contract interactions to avoid the freeze.
Ethereum Network Hit as Freeze Timing Fails to Prevent $28.5M Exit
Tether’s delay in enforcing blacklists affected Ethereum as well, with bad actors withdrawing $28.5 million during freeze windows. Tron wallets received early alerts on freeze transactions and responded swiftly before enforcement. The lag again stemmed from the multi-signature system required sign-offs from different parties.
AMLBot’s report suggested that bots monitored Tether’s smart contracts and alerted wallet holders when initiating freeze attempts. This tactic gave bad actors a crucial advantage on Ethereum’s fast-moving network. On-chain behavior indicated that automation was in play, even if the bots were not directly observed.
Security firm PeckShield reviewed the findings and confirmed the structural vulnerability in the freeze delay process. The firm clarified that the issue lies in the process, not the contract itself. They recommended that Tether explore technical enhancements to reduce this vulnerability window.
Tether Defends Governance but Confirms System Refinement in Progress
In response, Tether emphasized its governance model which prevents abuse but causes brief enforcement delays. The company has frozen $2.7 billion in suspicious funds since its inception. Despite operational lags, Tether stated that this track record proves its ability to act against illegal activity.
The company collaborates with 255 law enforcement agencies across 55 countries and claims to act faster than many industry peers. It cited a recent case involving North Korea-linked hackers in which Tether responded more quickly than exchanges. Tether pointed to its transparent blockchain operations as a compliance advantage.
Tether confirmed that it is refining its current process to close the freeze lag window exploited by malicious actors. The company dismissed the term “loophole” as misleading, emphasizing its consistent cooperation with law enforcement.
