Crypto User Loses Nearly $50 Million After Falling for Address Poisoning Scam

• A crypto investor lost almost $50 million after falling for an address poisoning scam.
• A hacker created a nearly identical wallet and poisoned small transactions to trick the victim.
• Stolen funds were converted to DAI, then 16,680 ETH moved through Tornado Cash anonymously.

One major crypto investor has lost almost $50 million worth of USDT as a result of falling victim to a classic address poisoning attack, which, although very simple, still manages to trick lots of people.

Data from the on-chain analysis platform, Lookonchain, indicates that the victim made a mistake in transferring 49,999,950 USDT to a scam account on December 20. This loss occurred when the funds were withdrawn from Binance, with the intention of transferring them to the victim’s wallet.

Source: X

Crypto Address Poisoning Leads to Massive Heist

Before sending the full amount, the victim followed a standard safety protocol and sent a test transfer of 50 USDT to ensure that the target address was correct. That was exactly where the hacker intervened.

According to security companies, an automated bot quickly generated a look-alike wallet address that almost copies the real address of the victim. The imposter wallet address has a similar first five characters and the last four, with the middle part sometimes covered by dots in many wallet apps.

The attacker made small payments from this address to the victim’s wallet, thus “poisoning” them. The attacker expected that when the user copied an address from their past activity to send full payment, they would send it to a similar address instead.

According to the blockchain data, the first transfer, the test, happened at 03:06 UTC, followed by a huge transfer at 03:32 UTC, 26 minutes afterwards.

“The hacker acted swiftly,” SlowMist explained. Within half an hour, the stolen USDT was exchanged for DAI using MetaMask Swap, making it difficult for recovery as USDT can be frozen, but DAI can’t.

Then, the attacker exchanged the DAI for approximately 16,690 ETH and deposited around 16,680 ETH into the Tornado Cash mixer to conceal the transaction trail.

$1 Million Reward Offered for Hacker

In the final twist, the victim posted a message through the blockchain to the attacker, promising a $1 million reward in exchange for the return of 98% of the money. The message threatened that the attacker could be prosecuted because law enforcement agencies, cybersecurity bodies, and blockchain projects are working in cooperation with clear and actionable intelligence on the activities.

This is not the first of its kind. Earlier in May 2024, a user on the Ethereum network lost $71 million worth of wrapped bitcoin. However, all the money was recovered. Whether a similar outcome can be expected now is uncertain since the money is now held in Tornado Cash.

According to security experts, such fraud is on the increase. Casa co-founder and security lead Jameson Lopp warned of the expansion of address poisoning attacks on various blockchain networks, with tens of thousands of suspected Bitcoin cases since 2023.

Lopp recommended wallet apps provide warnings when an address may match an existing address to double-check before sending funds.

Also Read | Polygon (POL) Price Outlook: Momentum Builds Toward $0.220 Resistance Level

Crypto Heists Surge in 2025

This case highlights a disturbing reality: crypto heists have already reached over $3.4 billion in 2025, surpassing the total for 2024. A substantial portion of this was attributed to the Bybit hack of $1.4 billion back in February, which was traced back to North Korean actors. This was termed the “largest crypto heist on record” by Elliptic.

As crypto scams become more sophisticated and automated, this serves as a reminder that even seemingly simple tasks, such as copying an address, can pose substantial risks despite the importance of verifying every detail.

Also Read | Bitcoin Price Near Breakout as BTC Targets $90,000–$92,000 After CME Gap Closure