Investor Loses Nearly $50 Million After Falling Victim to Address Poisoning
A crypto investor has lost almost $50 million in one of the largest recent cases of blockchain fraud. The incident was not the result of a smart contract exploit or private key compromise, but a far simpler and more insidious tactic known as address poisoning.
How the Attack Worked
The scheme relied on manipulating the victim’s transaction history. Attackers injected small transfers into the wallet using addresses designed to closely resemble legitimate ones. These fake addresses were crafted to match the first three and last four characters of the real destination, making them visually indistinguishable at a glance.The Critical Mistake
The investor initially sent a test transaction of 50 USDT to the correct wallet. Minutes later, they initiated the main transfer by copying the address from the transaction history. Unbeknownst to the victim, the history had already been poisoned with a transfer of 0.005 USDT from a malicious lookalike address.The result was fatal. The bulk transfer was sent to the attacker-controlled wallet.
Funds Quickly Laundered
Shortly before the loss, the assets had been withdrawn from Binance. After receiving the funds, the attacker swapped the stolen assets into Ethereum, split them across multiple wallets and partially routed them through the Tornado Cash mixer in an attempt to obscure the trail.Why This Attack Is Dangerous
Address poisoning does not require malware, phishing emails or compromised devices. It exploits human habits and interface design. Many wallets still emphasize partial address visibility, encouraging users to trust transaction history rather than manually verifying full addresses.A Growing Class of Exploits
Security specialists described the incident as one of the largest address poisoning losses seen in recent months. The scale highlights how low-effort techniques can still outperform complex exploits when large balances and routine user behavior intersect.Conclusion
This case serves as a reminder that not all crypto losses stem from advanced hacks. Sometimes the most effective attacks are the simplest. As long as wallets rely on truncated address displays and users trust transaction history by default, address poisoning will remain a highly effective weapon.Editorial Team - CoinBotLab
Source: Pawrc
🔵 Bitcoin Mix — Anonymous BTC Mixing Since 2017
🌐 Official Website
🧅 TOR Mirror
✉️ [email protected]
No logs • SegWit/bech32 • Instant payouts • Dynamic fees
TOR access is recommended for maximum anonymity.
🌐 Official Website
🧅 TOR Mirror
✉️ [email protected]
No logs • SegWit/bech32 • Instant payouts • Dynamic fees
TOR access is recommended for maximum anonymity.