finance power data edu evo
our story news blog careers
finance power data edu evo
our story news blog careers
November 21, 2017
Print
Tether Critical Announcement

Yesterday, we discovered that funds were improperly removed from the Tether treasury wallet through malicious action by an external attacker. Tether integrators must take immediate action, as discussed below, to prevent further ecosystem disruption.

$30,950,010 USDT was removed from the Tether Treasury wallet on November 19, 2017 and sent to an unauthorized bitcoin address. As Tether is the issuer of the USDT managed asset, we will not redeem any of the stolen tokens, and we are in the process of attempting token recovery to prevent them from entering the broader ecosystem. The attacker is holding funds in the following address: 16tg2RJuEPtZooy18Wxn2me2RhUdC94N7r. If you receive any USDT tokens from the above address, or from any downstream address that receives these tokens, do not accept them, as they have been flagged and will not be redeemable by Tether for USD*.*

The following steps have been taken to address this matter:

  1. The tether.to back-end wallet service has been temporarily suspended. A thorough investigation on the cause of the attack is being undertaken to prevent similar actions in the future.

  2. We are providing new builds of Omni Core to the community. (Omni Core is the software used by Tether integrators to support Omni Layer transactions.) These builds should prevent any movement of the stolen coins from the attacker’s address. We strongly urge all Tether integrators to install this software immediately to prevent the coins from entering the ecosystem. Again, any tokens from the attacker’s address will not be redeemed. Accordingly, any and all exchanges, wallets, and other Tether integrators should install this software immediately in order to prevent loss:
    https://github.com/tetherto/omnicore/releases/tag/0.2.99.s     Note that this software will cause a consensus change to currently running Omni Core clients, meaning that it is effectively a temporary hard fork to the Omni Layer. Integrators running this build will not accept any token sends from the attacker’s address, preventing the coins from moving further from the attacker’s address.

  3. We are working with the Omni Foundation to investigate ways that will allow Tether to reclaim stranded tokens and rectify the hard fork created by the above software. Once this protocol enhancement is complete, the Omni Foundation will provide updated binaries for all integrators to install. These builds will supersede the binaries provided above by Tether.to. After the protocol upgrades to the Omni Layer are in place, Tether will reclaim the stolen tokens and return them to treasury.

Tether issuances have not been affected by this attack, and all Tether tokens remain fully backed by assets in the Tether reserve. The only tokens that will not be redeemed are the ones that were stolen from Tether treasury yesterday. Those tokens will be returned to treasury once the Omni Layer protocol enhancements are in place.

We will provide further updates as they come available, and we appreciate the community’s patience, understanding, and support while we work to rectify the situation in the best possible manner to everyone’s benefit.

The Tether Team

BACK TO NEWS

latest news

LATEST
Others
2025-06-18
Tether Acknowledged by DOJ for Support in $225M Seizure Linked to Pig Butchering Fraud

18 June 2025 – Tether, the largest company in the digital assets industry, today announced that it has been acknowledged by the United States Department of Justice (DOJ) for its assistance in a major enforcement action involving the seizure of approximately $225 million in USDt. The funds were linked to an extensive “pig butchering” fraud […]

Learn more
LATEST
Others
2025-06-12
Tether Acquires Strategic Stake in Elemental Altus to Deepen Push Into Gold and Hard Asset-Backed Financial Infrastructure

12 June 2025 – Tether Investments S.A. de C.V. (“Tether Investments”), an affiliate of the Tether Group, has announced the acquisition of a substantial stake in Elemental Altus Royalties Corp. (“Elemental”), a publicly listed gold-focused royalty company based in Canada. The investment marks a significant step in Tether’s broader strategy to integrate long-term, stable assets such […]

Learn more
LATEST
Others
2025-06-05
Tether Invests in Shiga Digital to Strengthen Africa’s On-Chain Financial Ecosystem

5 June 2025 — Tether, the largest company in the digital asset industry, today announced a strategic investment in Shiga Digital, a modern platform that offers pan-African access to blockchain-based financial solutions, usable in the real world and easily accessible. Shiga Digital offers virtual accounts, OTC services, treasury management, and foreign exchange (FX) services tailored […]

Learn more
Read all news
COOKIES
We use essential cookies to enable the website to operate efficiently. We also use analytical cookies to understand how users interact with it.
Essential cookies are necessary and cannot be blocked; for others, you can opt out through the buttons below.
You can update your preferences at any time by scrolling to the end of the page.
For more information, see our Cookies Notice.

Manage Cookies Preferences

Necessary
Analytical
List of strictly necessary cookies:
Name Domain Purpose Expiry Type
cookie_banner_data Tether.io It stores accepted cookie groups 1 month https
cookie_banner_timestamp Tether.io It stores accept cookies timestamp 1 month https
List of analytical cookies:
Name Domain Purpose Expiry Type
_ga Tether.io It is set by Google Universal Analytics to calculate visitor, session, campaign data and keep track of site usage for tde site's analytics report. More information can be found here https://policies.google.com/technologies/cookies?hl=en-US, and here https://support.google.com/analytics/answer/181881 * https
_ga_* Tether.io Used to persist session state 2 years https
_gat Tether.io It is set by Google Universal Analytics to throttle the request rate to limit the collection of data on high traffic sites. More information can be found here https://policies.google.com/technologies/cookies?hl=en-US, and here https://support.google.com/analytics/answer/181881 * https
_gat_* Tether.io This is a pattern type cookie set by Google Analytics, where the pattern element on the name contains the unique identity number of the account or website it relates to. It appears to be a variation of the _gat cookie which is used to limit the amount of data recorded by Google on high traffic volume websites. * https
_gcl_au Tether.io This cookie is used by Google Analytics to understand user interaction with the website 2 months https
_gid Tether.io It is set by Google Universal Analytics to store information of how visitors use a website and helps in creating analytics report of how the website is doing. More information can be found here https://policies.google.com/technologies/cookies?hl=en-US, and here https://support.google.com/analytics/answer/181881 Session https
For more information, see our Cookies Notice.