You guys must never directly copy the address from the most recent transaction for transfers... Today, yet another profound lesson: a giant whale/institution lost 50 million USDT due to phishing with a similar address...

1. 10 hours ago, he withdrew 50 million USDT from Binance, then tested a transfer of 50 USDT to the address he planned to transfer to.

2. Here comes the key point: The phisher generated a similar address with the first and last 3 characters being the same and transferred 0.005 USDT to him. Then when he made the official transfer, he likely copied the address directly from the most recent transaction record, and then all 50 million USDT was transferred to the phisher's generated similar address...

3. The phisher quickly exchanged the 50 million USDT for DAI (to prevent freezing), and then bought a total of 16,624 ETH. These ETH were then all washed away through Tornado.

Phished whale/institution address: 0xcB80784ef74C98A89b6Ab8D96ebE890859600819

Phisher address: 0xBaFF2F13638C04B10F8119760B2D2aE86b08f8b5