Cryptocurrency Users Lose $1.6M to Address Poisoning Attacks in One Week

Generated by AI AgentCoin World
Friday, Aug 15, 2025 2:02 am ET2min read
USDT
--
Aime RobotAime Summary

- Cryptocurrency users lost $1.6M to address poisoning attacks in a week, exceeding March’s monthly total via deceptive transaction histories.

- A victim lost 140 ETH ($636,500) after copying a "poisoned" address mimicking a legitimate one, while another lost $880,000 in USDT through repeated fraudulent transfers.

- Scammers exploit blockchain’s immutability by sending small crypto amounts to fake addresses, creating trust and tricking users into irreversible transactions.

- Additional $600K was lost via malicious signature signing, where victims authorized scams using deceptive commands like "approve".

- Experts urge improved wallet security, address verification, and user education to combat rising crypto scams exploiting interface vulnerabilities.

Unsuspecting cryptocurrency users lost more than $1.6 million to scammers through address poisoning attacks over the past week — a significant increase compared to the $1.2 million lost through the same method in the entire month of March [1]. The attacks, which rely on deceptive transaction histories, have proven particularly effective in deceiving users into sending funds to fraudulent addresses.

In one of the most notable cases, a victim lost 140 Ether (ETH), valued at approximately $636,500, after mistakenly copying a lookalike wallet address from their transaction history [1]. The address had been “poisoned,” meaning scammers had previously sent small amounts of crypto from a similar address to create a false sense of legitimacy. Scam prevention platform ScamSniffer noted that the user’s history was already riddled with such traps, making the eventual loss inevitable [1].

Another victim lost $880,000 in

USDT
after falling for a similar scheme, with evidence suggesting that the same user attempted to retry the transfer across multiple wallets, amplifying the damage [1]. Additional losses of $80,000 and $62,000 were recorded by Wednesday, further underscoring the growing prevalence of these attacks.

Address poisoning works by mimicking legitimate addresses and transaction patterns. Scammers send small amounts of crypto from a wallet that resembles a genuine one, tricking users into using the wrong address in future transactions. Web3 Antivirus, a blockchain security firm, explained that this creates a false sense of trust in the transaction history, leading users to unknowingly send funds to scammers [1]. Once the scam is initiated, the damage is irreversible due to the immutable nature of blockchain transactions.

In addition to address poisoning, at least $600,000 was reported lost this week through malicious signature signing, where victims authorized fraudulent transactions using common but deceptive commands such as “approve” and “increaseAllowance” [1]. A reported $165,000 worth of tokens was stolen in one such case on Tuesday.

The rise in these attacks highlights the need for stronger user education and improved wallet security features. While blockchain itself is secure, vulnerabilities at the user interface level persist, particularly when users fail to verify full addresses or fall victim to phishing tactics. ScamSniffer emphasized the importance of using an address book or whitelist to verify transfers before sending funds [1].

These incidents signal a growing trend of sophisticated cybercrime in the crypto space. With more users participating in

digital asset
transactions, attackers are adapting their methods to exploit human error and interface weaknesses. The speed and scale of the $1.6 million in losses over just a few days suggest that these attacks are not isolated but part of a broader, coordinated effort.

Wallet providers and blockchain platforms must respond by implementing advanced fraud detection systems and improving user verification processes. Transparency in transaction history and clearer warnings about address validation could also help reduce the success rate of such scams.

Source:

[1] Cointelegraph - [https://cointelegraph.com/news/1-6m-lost-wave-crypto-address-poisonings-this-week](https://cointelegraph.com/news/1-6m-lost-wave-crypto-address-poisonings-this-week)