Stablecoin volume on the Ethereum blockchain hits record at $908 billion

What’s new? AMLBot experts said that Tether is unable to instantly freeze wallets with the USDT stablecoin issued by it related to illegal activity. The vulnerability in the freezing mechanism, caused by the delay between request and execution under multi-signature contracts, creates a money “laundering loophole.” Using this delay, attackers have withdrawn more than $78 million on Ethereum and TRON blockchains since 2017.

AMLBot report

What else is known? Analysts note that USDT is generally perceived as a compliant asset because Tether utilizes its ability to freeze suspicious wallets at the request of law enforcement and has previously assisted them in investigations on multiple occasions. However, the significant delay between the start of the freeze and its application in the chain leaves room for the movement of criminal funds.

The vulnerability is a result of Tether contract customization with multiple signatures, the AMLBot report explains.

Thus, a freeze request is first sent to the chain, which requires multiple signatures for approval. This creates a “window of opportunity” that allows attackers to move funds before their address is frozen. Being blacklisted means that the address can no longer move Tether-issued assets, effectively rendering the tokens worthless.

Tether will not apply for a MiCA license to operate in the EU

The company’s head talked about the risks that the new law’s requirements create for the banking system

Read more

One example cited in the report shows a 44-minute delay between a freeze request and its confirmation on the TRON network. AMLBot claims that attackers have withdrawn $49,6 million in TRON since 2017 due to the vulnerability. Wallets were able to conduct up to three transactions during the delay window, with 4,88% of blacklisted wallets exploiting the loophole.

Meanwhile, $28,5 million in USDT was withdrawn from Ethereum during the same period. The total amount in the two networks amounted to $78,1 million.

A spokesperson for IS company PeckShield explained to Decrypt that the presence of such a vulnerability does not necessarily indicate a problem with the contract itself. The delay is an inherent part of multi-signature account design: it takes time for multiple people to sign off on a transaction. PeckShield allowed the possibility that Tether could combine a freeze request with signatures into a single transaction to eliminate the window.

Tether CEO announces the launch of a new stablecoin in the United States

Tether CEO announces the launch of a new stablecoin in the United States

Read more

A Tether spokesperson acknowledged the delay and said the company is improving the freeze process to eliminate any potential benefit to attackers.

“$76 million referenced in this report should be put in context of the more than $2,7 billion in USDT that Tether has successfully frozen and blocked to date,” the company added.

Back last year, Tether partnered with the TRON team and blockchain analytics company TRM Labs to create the T3 Financial Crime Unit (T3 FCU) task force to combat financial crime.

Since its launch in August 2024 through early 2025, T3’s efforts have frozen or seized more than 126 million USDT from criminals around the world. In March, the team froze 9 million in USDT related to the Bybit exchange hack, which was the largest in the history of the crypto industry.