Tether blacklisted over 4,100 unique addresses and froze nearly $1.3 billion in USDT on Ethereum and Tron during 2025. Here's what the on-chain data tells us, and what you can do to protect yourself.
Your USDT Can Be Frozen. Yes, Yours.
Here's something that might keep you up at night: Tether can freeze your USDT based on a single verified law enforcement request. No court order needed for the freeze itself. A verified request from any of the 275+ agencies Tether works with across 59 jurisdictions is enough. For OFAC-sanctioned addresses, Tether freezes proactively without any external request at all.
Internally, Tether's multi-signature governance means multiple officials must approve each freeze. But there's no advance notice to the wallet holder, and no pre-freeze appeals process. By the time you find out, your tokens are already locked.
Whether you're holding USDT in a personal wallet, a business treasury, or a DeFi protocol, you're holding tokens that come with a built-in kill switch. And in 2025, Tether pulled that switch more aggressively than ever before.
We analyzed on-chain data from every AddedBlackList event on both Ethereum and Tron throughout 2025. These two chains account for the vast majority of USDT circulation (Tron alone holds over 50% of all USDT supply, with Ethereum being the second largest), making them the most relevant for understanding Tether's enforcement activity. Here's what we found: 4,163 unique USDT addresses were blacklisted, locking up $1.26 billion in frozen funds. That's roughly $3.4 million frozen every single day.
Note: Our analysis counts unique addresses, not events. Three addresses on Tron were blacklisted multiple times during 2025 (two were removed then re-added, one appears to be a duplicate operation). We deduplicated by keeping only the first blacklisting event per address to avoid double-counting.
But the raw numbers only tell part of the story. When you dig into the patterns (which chains got hit, how much was at stake, who's being targeted, and how rarely addresses get unfrozen), you start to see just how important proactive compliance has become for anyone dealing with stablecoins.
Let's break it all down.
How USDT Blacklisting Actually Works
Before we dive into the data, let's make sure we're on the same page about the mechanics. If you already know how Tether's blacklist works, feel free to skip ahead. But even experienced crypto practitioners are sometimes surprised by the details.
The Three Key Functions
Tether's USDT smart contract (on both Ethereum and Tron) includes three privileged functions that only the contract owner can call:
addBlackList(address): Marks a wallet as frozen. Once this executes, the address can't send or receive USDT. The tokens are still visible in the wallet, but they're completely immovable. This emits an AddedBlackList event on-chain.removeBlackList(address): Lifts the freeze, restoring normal transfer capability. Emits a RemovedBlackList event. As you'll see in the data, this happens far less often than blacklisting.destroyBlackFunds(address): The nuclear option. This permanently burns the USDT held by a blacklisted address, reducing the total supply. The tokens are gone forever. Emits a DestroyedBlackFunds event.
These functions live in the smart contract itself. You can read them on Etherscan for the ERC20 version. The Tron version mirrors the same architecture.
What Triggers a Freeze?
Tether doesn't publish a step-by-step policy document, but based on their official statements, public disclosures, and observable patterns, addresses get frozen through three main pathways:
1. Law enforcement requests (the most common path). An agency (FBI, DOJ, Secret Service, DEA, Europol, or any of the 275+ agencies across 59 jurisdictions that Tether works with) identifies suspect wallets during an investigation and sends a verified request. Tether doesn't always require a formal court order; a verified request from an official agency domain citing legal grounds is sufficient. In urgent cases, Tether has even acted on informal email notifications with formal documentation to follow. Over three years, Tether has processed 900+ law enforcement freeze requests, with approximately 460 from U.S. agencies alone.
2. OFAC/sanctions compliance (automatic since December 2023). Tether proactively freezes any address appearing on the OFAC SDN (Specially Designated Nationals) list, no law enforcement request needed. When this policy launched, Tether immediately blocked all 161 addresses already on the SDN list.
3. Proactive freezing based on blockchain intelligence. Through partnerships with the T3 Financial Crime Unit (a joint initiative with TRON and TRM Labs launched in 2024), Tether freezes addresses tied to hacks, scams, and terrorist financing, sometimes before formal law enforcement requests arrive. The T3 FCU alone has frozen over $300 million in criminal assets across 23 jurisdictions as of October 2025.
The types of activity that lead to freezes include:
-
Counter-terrorism financing: BlockSec's analysis documented that Tether proactively blacklisted 17 Hamas-linked addresses before the public release of corresponding seizure orders. The June 2025 enforcement wave targeted 151 addresses linked to terrorist organizations on Tron.
-
Fraud and scams: Pig butchering scams, Ponzi schemes, and investment fraud. In June 2025, federal prosecutors filed a civil forfeiture complaint to seize approximately $225 million in USDT allegedly involved in cryptocurrency investment fraud.
-
Hack recovery: The T3 FCU froze $9 million connected to the Bybit hack in March 2025. In a separate case, stablecoin issuers including Tether froze $5 million linked to the Lazarus Group following an investigation by blockchain researcher ZachXBT.
-
Money laundering and illicit goods: According to T3 FCU's annual report, illicit goods and services accounted for 39% of investigated crime types, alongside fraud, hacks, DPRK-linked operations, and terrorism financing.
One important distinction: freezing and seizure are separate steps. The freeze (addBlackList) is a temporary hold that doesn't require a court order. The actual seizure, where Tether calls destroyBlackFunds() to burn frozen USDT and mints new tokens to a government-controlled wallet, typically requires a court order through civil asset forfeiture proceedings. This "burn and reissue" process is how law enforcement actually takes custody of frozen funds.
The Multisig Delay Problem
Here's a detail that matters if you're thinking about compliance timing. On Tron, Tether uses a multisig wallet to execute blacklisting. This creates a two-step process: first, one signer submits the blacklist request (which is publicly visible on-chain), and then a second signer confirms it, triggering the actual AddedBlackList event.
This creates a window (sometimes up to 44 minutes) where a targeted address can still move funds after the blacklist intent becomes publicly visible. According to Cointelegraph, this delay allowed over $78 million in illicit USDT to be moved before enforcement took effect.
This is exactly why real-time monitoring matters. If you're waiting for blockchain explorers to show a confirmed blacklist event, you're already behind. Sophisticated actors are monitoring the mempool and multisig submissions to front-run enforcement. Your compliance tooling needs to be just as fast.
The 2025 Data: What On-Chain Events Tell Us
We analyzed all AddedBlackList, RemovedBlackList, and DestroyedBlackFunds events for USDT across both Ethereum (ERC20) and Tron (TRC20) throughout 2025. Here's what we found.
The Big Picture
| Metric | Value |
|---|---|
| Unique addresses blacklisted | 4,163 |
| Addresses removed | 383 |
| Total frozen balance | $1.26B |
| Funds permanently destroyed | $698.42M |
A few things jump out immediately.
Over half of frozen USDT was eventually destroyed. Tether burned $698 million of the $1.26 billion frozen, or 55.6% of frozen value permanently removed from circulation. That tells us a huge chunk of blacklisted funds were tied to closed investigations where nobody was getting their money back. Once your USDT is destroyed, no legal action, no appeal, no process can bring it back. Note that the destroyed funds are typically re-minted and returned to the victims or released to law enforcement agencies.
Getting off the blacklist is extremely rare. Out of the 4,163 unique addresses Tether blacklisted in 2025, only 150 (3.6%) were later removed from the blacklist within the same year. The other 231 removal events in 2025 were for addresses that had been blacklisted before 2025. Once you're on the list, the odds are stacked heavily against you getting off it.
Chain Breakdown: Tron vs. Ethereum
| Chain | Addresses Blacklisted | Total Frozen | Avg Balance |
|---|---|---|---|
| TRC20 (Tron) | 3,506 | $853.08M | $243,319 |
| ERC20 (Ethereum) | 657 | $402.97M | $613,353 |
Tron had 5.3x more addresses blacklisted than Ethereum, which aligns with the widely reported trend of illicit actors preferring Tron for its lower transaction fees and faster confirmation times. BlockSec's terrorist financing analysis found that during the June 2025 enforcement wave, 90% of blacklisted addresses were on Tron.
But Ethereum addresses had 2.5x higher average balances ($613K vs. $243K), meaning larger concentrations of funds tend to sit on Ethereum. In absolute dollar terms, Tron significantly exceeded Ethereum ($853M vs. $403M in total frozen value), reflecting the massive volume of illicit activity on that chain.
The takeaway: if you're handling USDT on Tron, you face dramatically higher volume of risky addresses (84.2% of all blacklisted addresses were on Tron). If you're on Ethereum, the individual stakes per address tend to be bigger.
Monthly Trends: The July Surge
Here's where the data gets really interesting. July 2025 stands out as the most active enforcement month by far.
| Month | Addresses Blacklisted | Amount Frozen |
|---|---|---|
| Jan | 248 | $113.32M |
| Feb | 208 | $79.31M |
| Mar | 288 | $71.02M |
| Apr | 286 | $168.65M |
| May | 400 | $67.66M |
| Jun | 194 | $98.81M |
| Jul | 1,158 | $154.36M |
| Aug | 256 | $138.05M |
| Sep | 370 | $92.22M |
| Oct | 303 | $146.29M |
| Nov | 255 | $72.25M |
| Dec | 197 | $54.12M |
The second half of 2025 was actually more active than the first. H2 (July-December) saw 2,539 addresses blacklisted ($657.28M frozen) versus H1's (January-June) 1,624 addresses ($598.77M). The July surge alone (1,158 addresses) accounted for nearly half of H2's total.
What explains July's massive spike? Several factors:
-
Major coordinated law enforcement operations: The data shows July had nearly 3x more blacklisted addresses than any other month. This looks like a massive coordinated crackdown, likely tied to the T3 Financial Crime Unit's expanded operations. The 1,069 Tron addresses blacklisted in July alone represent a concentrated enforcement wave.
-
GENIUS Act aftermath: With U.S. stablecoin legislation signed into law on July 17, 2025, Tether may have accelerated enforcement to demonstrate compliance with the new regulatory framework. The spike immediately following the law's passage fits this narrative.
-
Counter-terrorism enforcement waves: The June 2025 spike (194 addresses, $98.81M) aligns with the documented enforcement wave that targeted addresses linked to terrorist financing on Tron. July's even larger wave may represent the continuation and expansion of these operations.
-
Quarterly patterns: Q3 was by far the most active quarter (1,784 addresses, $384.62M), suggesting enforcement resources were heavily concentrated in that period.
The Destroyed Funds Timeline
Tether didn't just freeze funds in 2025. It permanently burned $698 million of them. Here's how the burn events played out month by month:
| Month | Events | Amount Destroyed |
|---|---|---|
| Jan | 15 | $17.23M |
| Feb | 15 | $8.67M |
| Mar | 46 | $35.19M |
| Apr | 85 | $63.26M |
| May | 34 | $10.51M |
| Jun | 21 | $238.87M |
| Jul | 56 | $40.83M |
| Aug | 179 | $52.43M |
| Sep | 26 | $15.72M |
| Oct | 114 | $105.99M |
| Nov | 83 | $93.20M |
| Dec | 36 | $16.52M |
June 2025 stands out massively: $238.87 million destroyed in just 21 events, over a third of all 2025 destructions in a single month, with an average of $11.37 million per event. We believe this was the culmination of a major investigation reaching its final phase. Tether got the green light to permanently burn funds that couldn't be returned to victims.
Note the lag between freezing and destruction. The August peak in destruction events (179 events) came after July's massive freeze wave. This lag tells us something important: Tether doesn't immediately destroy frozen funds. There's typically a period where funds sit frozen while investigations conclude and legal processes play out. But once the destruction order comes, it's final.
Balance Distribution: Who's Getting Frozen?
The distribution of frozen balances reveals who Tether is targeting and who's getting caught in the net.
| Balance Range | Addresses | Total Frozen | % of Total Value |
|---|---|---|---|
| Exactly $0 | 1,404 | $0 | 0% |
| $0.01 - $100 | 308 | $4,588 | <0.01% |
| $100 - $1K | 129 | $56,115 | <0.01% |
| $1K - $10K | 330 | $1.57M | 0.1% |
| $10K - $100K | 813 | $35.66M | 2.8% |
| $100K - $1M | 854 | $273.87M | 21.8% |
| $1M - $10M | 257 | $631.74M | 50.3% |
| $10M+ | 18 | $313.15M | 24.9% |
33.7% of blacklisted addresses had exactly zero balance at the time of freezing. Another 7.4% had less than $100. So roughly 41% of all blacklisted addresses held negligible or no funds. Why does Tether bother? Because these addresses are still part of the investigation record. They're wallets that moved illicit funds before enforcement caught up, and freezing them prevents any future use.
BlockSec's analysis backs this up: 54% of blacklisted addresses had already moved most of their funds before enforcement hit. The bad actors are often faster than the blacklist.
The whale wallets tell the biggest story. Just 18 addresses in the $10M+ bracket accounted for $313.15 million, or 24.9% of all frozen value. The $1M-$10M bracket added another $631.74 million across 257 addresses. Combined, these 275 addresses (6.6% of total) held 75.2% of all frozen value.
We think this points to a two-tier enforcement approach. The big fish, likely tied to major investigations, drive most of the dollar impact. Meanwhile, the thousands of smaller addresses are about dismantling infrastructure: taking out the runner wallets, intermediaries, and laundering nodes that keep illicit networks running.
Here are the top 5 largest individual freezes in 2025:
| Rank | Amount | Chain | Date | Address | Transaction |
|---|---|---|---|---|---|
| 1 | $50.25M | ERC20 | Jan 16 | 0x12985...e427 |
0x76bae...a493 |
| 2 | $40.26M | ERC20 | Aug 18 | 0x51dc0...a8d5 |
0x90110...cd9e |
| 3 | $26.12M | ERC20 | Oct 30 | 0xf3bfc...3eb |
0x44605...aeb8 |
| 4 | $20.94M | ERC20 | Feb 22 | 0x3e1b3...87b0 |
0xa1b3b...d0ba |
| 5 | $17.23M | ERC20 | Apr 4 | 0xe1e13...9d1 |
0x9a13f...d965 |
All five top freezes happened on Ethereum. The largest single Tron freeze was $15.21M (February 7) at address TXRxg7DRpNsMCFYZtRjZMmhhZ9SfGhwzoq. This concentration of mega-freezes on Ethereum reinforces the chain comparison: Tron hosts vastly more illicit addresses, but Ethereum hosts the bigger individual fish.
Day-of-Week Patterns: When Does Tether Pull the Trigger?
| Day | Addresses | % of Total |
|---|---|---|
| Monday | 786 | 18.9% |
| Tuesday | 565 | 13.6% |
| Wednesday | 535 | 12.9% |
| Thursday | 566 | 13.6% |
| Friday | 693 | 16.6% |
| Saturday | 932 | 22.4% |
| Sunday | 86 | 2.1% |
Saturday is Tether's busiest blacklisting day by a significant margin. Over 22% of all 2025 freezes happened on Saturdays. Sunday sees dramatically lower activity at just 2.1% of events.
The Saturday peak is somewhat unexpected for a business operation. It may reflect coordinated enforcement actions being executed when regular market activity is lower, or it could indicate batch processing of accumulated requests before the new week. Monday is the second-busiest day (18.9%), suggesting a pattern of weekend enforcement followed by weekday follow-up.
If you're running compliance, this is worth knowing: significant blacklisting activity happens over the weekend, so your monitoring shouldn't take days off.
Removal Patterns: What Are the Odds?
If your address gets blacklisted, what are your chances of getting it removed?
The honest answer: not great.
- Same-year removal rate: Only 150 out of 4,163 unique addresses blacklisted in 2025 were later removed, just 3.6%
- Median time to removal: 18.2 days (for those lucky few who do get removed)
- Average time to removal: 55.4 days
- Longest wait: 278 days before removal
The gap between the median (18.2 days) and average (55.4 days) tells an important story. Most removals happen relatively quickly, likely mistaken freezes or temporary investigative holds that get resolved fast. But a significant minority of addresses spend months on the blacklist before being cleared. And 96.4% of 2025 blacklisted addresses were never removed at all within the year.
Additionally, 231 addresses that were removed in 2025 had originally been blacklisted in 2024 or earlier. These represent cases where investigations concluded and addresses were finally cleared, sometimes more than a year after the initial freeze. The compliance wheels turn slowly.
Putting It in Context: Why 2025 Was a Turning Point
The 2025 blacklisting data didn't happen in isolation. A few big shifts made this year a genuine turning point for stablecoin compliance.
The GENIUS Act Changed Everything
The GENIUS Act (Guiding and Establishing National Innovation for U.S. Stablecoins), signed into law on July 17, 2025, created the first comprehensive U.S. federal framework for stablecoins. Here's what matters:
- Stablecoin issuers are now "financial institutions" under the Bank Secrecy Act. That means full AML/CFT and sanctions compliance is legally required, not just a best practice.
- Foreign issuers must register with the OCC: Tether, based in the British Virgin Islands, must demonstrate the ability to comply with U.S. "lawful orders," including asset freezes and AML directives.
- Three-year transition period: Issuers have until mid-2028 to fully comply. But the writing is on the wall. Enforcement actions aren't waiting.
- Full reserve audits required: Issuers with over $50 billion in outstanding stablecoins must submit audited annual financial statements.
For anyone handling stablecoins in the U.S. market, this law doesn't just apply to issuers. VASPs, exchanges, OTC desks, and payment processors are all caught in the compliance net. If you're not already screening addresses and monitoring transactions, the regulatory clock is ticking.
Stablecoins = 84% of Illicit Crypto Volume
According to Chainalysis's 2026 Crypto Crime Report (covering 2025 data), stablecoins now account for 84% of all illicit cryptocurrency transaction volume. That's not because stablecoins are inherently bad. It's because they're the most widely used crypto asset class, period. Legitimate and illegitimate activity alike flows through stablecoins.
What does this mean for you? If you're handling stablecoins at any scale, you're almost guaranteed to encounter addresses with some connection to illicit activity. It's not a question of if you'll touch a tainted address, but when. And the only thing that matters at that point is whether you caught it in time.
The $3.3 Billion Bigger Picture
Our 2025 data shows $1.26B frozen in USDT. But this is just one year's slice. According to on-chain data, Tether has frozen over $3.29 billion across 7,268 addresses from 2023 to 2025. The trend line is clear: each year brings more freezes than the last.
And as we saw in the January 2026 data (outside our analysis period), Tether froze $182 million across just five Tron addresses in a single coordinated action, suggesting that 2026 will continue or exceed 2025's enforcement pace.
So What Should You Actually Do?
If you're reading this thinking "this doesn't apply to me," reconsider. You don't need to be a criminal to get caught up in a freeze. All you need is to receive USDT from the wrong address, or interact with a DeFi protocol that has tainted funds flowing through it, or accept an OTC trade from a counterparty whose wallet has upstream connections to a blacklisted address.
Here's a practical playbook for protecting yourself.
1. Screen Every Address Before You Transact
This is the single most important step you can take. Before sending or receiving significant USDT amounts, check the counterparty address.
The basic approach: on-chain blacklist check. You can query getBlackListStatus(address) or isBlackListed(address) directly on the USDT smart contract through Etherscan or Tronscan. If it returns true, the address is currently blacklisted. But this only tells you about current blacklist status. It won't warn you if an address is about to be blacklisted, or if it has upstream connections to sanctioned entities, scam operations, or mixer outputs.
What you actually need: AML/KYT screening. For real protection, you need tools that look beyond just the blacklist. A proper screening platform checks addresses against:
- Current blacklists (USDT and other stablecoin issuers)
- OFAC sanctions lists and other regulatory watchlists
- Known scam, phishing, and fraud addresses
- Mixer and tumbler outputs
- Darknet marketplace addresses
- High-risk exchange and service addresses
- Fund flow connections (multiple hops, not just direct)
BlockSec Phalcon Compliance lets you scan any wallet address directly from their website, no account creation or demo calls required. It screens against 400+ million labeled addresses across 20+ blockchains (Ethereum, Tron, BSC, Polygon, Base, Optimism, and more) with millisecond-level API response times. You can start screening in seconds and integrate it into your transaction workflow without adding friction.
2. Implement Continuous Transaction Monitoring
One-time screening isn't enough. The data tells us why: addresses that are clean today might get blacklisted tomorrow. Our analysis shows that 33.7% of blacklisted addresses had $0 balance, meaning they were flagged as part of investigations after they'd already been used. If you screened that address when it had funds in it, it would have appeared clean.
You need continuous monitoring that:
- Flags incoming transactions from newly blacklisted or high-risk addresses
- Alerts you when counterparties' risk profiles change (e.g., a customer's wallet starts interacting with sanctioned entities)
- Tracks fund flows multiple hops deep, not just direct connections, because sophisticated laundering uses chains of intermediary wallets
- Generates compliance reports you can show to regulators if questions arise
BlockSec Phalcon Compliance provides real-time KYT (Know Your Transaction) monitoring with an AI engine that processes 500+ transactions per second and analyzes 200+ risk signals simultaneously. It tracks fund flows across 20+ cross-chain bridges to catch laundering that hops between chains. When something looks suspicious, you can generate Suspicious Transaction Reports (STRs) in one click, aligned with FATF standards across 27+ jurisdictions. That's exactly the kind of paper trail you'll need if a regulator comes knocking.
3. Don't Wait for the Freeze. Act on Early Warning Signs
Remember the multisig delay we discussed? Smart actors monitor Tether's multisig submissions to detect blacklisting before it's confirmed. Your compliance system should be tracking these signals too.
Beyond that, watch for these red flags in your counterparties:
- Sudden large inflows from unknown addresses, especially on Tron
- Funds that have passed through known mixers like Tornado Cash
- Addresses that received funds from recently blacklisted wallets, often downstream in the same illicit network
- Transaction patterns consistent with layering: rapid transfers through multiple wallets in quick succession
If you spot these patterns, don't just monitor. Take action. Flag the transaction, escalate internally, and file an STR if warranted. Having a documented trail of proactive compliance decisions is your strongest protection if regulators or law enforcement come asking questions later.
4. If You Get Frozen: What to Expect
Despite your best efforts, what if your address ends up on the blacklist? Here's what the data and precedent tell us to expect.
There's no formal public appeals process, but paths to resolution exist. Tether doesn't publish a clear procedure for contesting a freeze, and historically only about 6% of all blacklisted wallets have ever been removed. That said, successful unfreezes do happen through several channels:
- Law enforcement channels: If you were frozen as part of an investigation and subsequently cleared, the investigating agency typically coordinates with Tether to remove the block. This accounts for most of the 150 same-year removals in our data. In some cases, Tether may direct you to the lead federal agent handling your case.
- Direct outreach to Tether: You can contact Tether's compliance team with your frozen address, transaction records, identity verification, and proof of legitimate fund sources. Response times are unpredictable, but Tether has stated they review cases and may unfreeze after verification.
- Legal action: In a notable 2025 case, a Texas-based firm sued Tether after $44.7 million was frozen at the request of Bulgarian police, arguing that proper international legal procedures weren't followed. Legal challenges can work, but they're expensive and slow. Consider hiring an attorney with experience in crypto asset forfeiture. This is becoming a specialized field.
Understand the two-step process. A freeze (addBlackList) is a temporary hold: your tokens are locked but still exist. The permanent step is seizure (destroyBlackFunds), which typically requires a court order through civil asset forfeiture proceedings. If your funds are frozen but not yet destroyed, you still have a window to make your case. Once destruction happens, there's no reversal.
Your compliance records become your lifeline. If you believe you were wrongly frozen, everything you can show about your due diligence process (transaction screening logs, KYC documentation for counterparties, AML policies, STR filings) strengthens your case for removal. This is another reason to invest in compliance tooling before you need it.
Time is critical. The median removal time is 18.2 days for the 3.6% who do get unfrozen within the same year. But if you're not in that lucky minority, you could be waiting 9+ months. And if Tether proceeds to destroyBlackFunds, your USDT is gone permanently. $698 million was destroyed in 2025 alone.
Watch out for scammers. People claiming they can "hack" Tether's contract or reverse a blacklist are running a scam. The blacklist is controlled exclusively by Tether's multi-signature governance. No external party can modify it.
5. Build Compliance Infrastructure Now, Not Later
The GENIUS Act's three-year transition period means that by mid-2028, every stablecoin player in the U.S. market will need full BSA/AML compliance. But here's what the smart operators already know: waiting until the deadline is a strategic mistake.
- Regulators are already watching. Enforcement actions don't pause for transition periods.
- Partners require it. Banks, exchanges, and institutional counterparties increasingly require compliance documentation before engaging.
- Building takes time. Setting up screening workflows, training staff, establishing relationships with regulators, and accumulating a track record of compliance all take months or years, not weeks.
If you're a VASP, OTC desk, payment provider, or DeFi protocol handling stablecoins, building your compliance infrastructure now gives you a competitive advantage. You don't need a giant compliance department to get started. BlockSec Phalcon Compliance is built for teams of any size, with a search-first approach that lets you start screening the moment you visit the site. No sales calls, no onboarding process, no long contracts. Their credit-based pay-as-you-go pricing means you only pay for what you use, scaling up or down with your actual volume. It's already trusted by 500+ organizations including major exchanges and regulatory bodies.
The Bottom Line
In 2025, Tether froze $1.26 billion across 4,163 unique USDT addresses. Only 3.6% of those got unfrozen within the same year. $698 million was permanently destroyed. Enforcement peaked dramatically in July, with Saturday being the most active day for new blacklists. And with the GENIUS Act now law and global AML requirements tightening, this pace is set to accelerate.
The days of treating stablecoins as "just digital dollars" with no strings attached are over. Whether you're running an exchange, processing payments, managing a protocol's treasury, or holding a large bag of USDT in a hot wallet, the freeze risk is real and it's growing.
Here's how we see it: the cost of screening a few thousand addresses is a rounding error compared to the cost of a freeze. And it's nothing compared to watching your USDT get permanently destroyed because you didn't catch a tainted counterparty.
Don't wait until you see your address on the blacklist. By then, it's already too late.
This analysis covers USDT on Ethereum (ERC20) and Tron (TRC20) only, which together represent the dominant majority of USDT circulation. USDT on other chains (Solana, Avalanche, etc.) is not included. All timestamps and dates in this article are in Coordinated Universal Time (UTC). All statistics are derived from AddedBlackList, RemovedBlackList, and DestroyedBlackFunds contract events for the full year of 2025, with deduplication applied to count unique addresses rather than events. Our data has been cross-validated against Dune Analytics queries (100% match for both Ethereum and Tron monthly counts) and verified through on-chain sampling of 20%+ of all records. Statistics were independently verified using both Python and Go implementations with identical results. External data points are sourced and linked inline.
For real-time address screening and transaction monitoring, check out BlockSec Phalcon Compliance. Scan any address instantly from your browser, no signup required. 400M+ labeled addresses, 20+ blockchains, millisecond API response, and pay-as-you-go pricing.
Disclaimer: The data in this article is sourced from publicly available on-chain events and publicly reported information. While we've cross-validated our analysis using multiple independent implementations and on-chain verification, errors may exist. If you find any inaccuracies, please contact us so we can correct them promptly.
