Growing Address Poisoning Attacks: How Ethereum User Lost $48k

Victim Loses 19.27 Ethereum After Copying Wrong Address from Contaminated History Victim Loses 19.27 Ethereum After Copying Wrong Address from Contaminated History

In one recent crypto scam incident, a crypto user fell victim to an address poisoning scam, losing a substantial 19.27 Ethereum, valued at approximately $48,007. The incident was reported by blockchain security firm Scam Sniffer.

Ethereum & Other Blockchains Suffer Address Poisoning

Address poisoning scams have become increasingly prevalent, with attackers employing ever more cunning tactics to deceive users. In this recent case, the scammer generated up to eight “poisoning” transactions of just 0.000001 Ethereum each, mimicking addresses from the victim’s transfer records from four days prior.

The severity of these scams is further underscored by a similar incident reported on August 22, 2024, where an unfortunate user lost 211 Ethereum ($553,312) while attempting to deposit funds into KuCoin.

Advertisement

These cases are not isolated. A particularly devastating attack in July 2023 resulted in a single trader’s loss of approximately $68 million worth of Wrapped Bitcoin (WBTC).

The modus operandi of these scams is deceptively simple yet highly effective. Attackers create wallet addresses that closely resemble legitimate ones, often matching the first and last characters while altering the middle ones.

They then contaminate the victim’s transaction history with small transfers. When users later attempt to copy addresses from their history for new transactions, they unknowingly select the fraudulent address, sending their funds directly to the scammer.

The consequences of falling for such scams can be catastrophic. In the July 2023 incident, the victim lost over 97% of their total holdings, a stark reminder of the potential devastation these attacks can cause.

Advertisement

Also Read: Ripple’s Head of DeFi Discusses the Use of Multi-Purpose Tokens