A crypto trader lost nearly $50 million in USDT stablecoins after becoming the victim of an address poisoning attack – a relatively simple scam that often catches many people off guard, according to security companies.
The on-chain analytics platform Lookonchain reported that the victim mistakenly transferred 49,999,950 USDT to an address controlled by a scammer on December 20th. This occurred after the individual withdrew funds from Binance and attempted to transfer them to their personal wallet.
As a precautionary measure, the victim first sent a test transaction of 50 USDT to the intended destination address. However, shortly afterward, an automated Script created by the attacker generated a fake wallet address, designed to resemble the real address at the beginning and end of the character chain .
Specifically, the malicious address shares the same first 5 and last 4 characters as a legitimate wallet address. The only difference lies in the middle characters – often shortened by many wallet interfaces with "..." for easier readability. The scammer then sends small transactions from this fake address to the victim's wallet, "poisoning" their transaction history. When the victim copies an address from their history to make a large transaction of nearly $50 million, they most likely inadvertently selected the fake address.
Data from Etherscan shows that the test transaction took place at 3:06 UTC, and approximately 26 minutes later, at 3:32 UTC, the erroneous transaction of nearly $50 million was executed.
According to SlowMist, the attacker quickly disposed of the stolen funds. Within 30 minutes of receiving the USDT, the entire amount was converted to Dai via MetaMask Swap – a deliberate move because USDT can be frozen by Tether if flagged, while Dai is a Decentralized Stablecoin with no centralized control mechanism. This Dai was then converted into approximately 16,690 ETH, of which about 16,680 ETH were sent to Tornado Cash – a previously sanctioned cryptocurrency mixing service – to conceal the transaction.
In an attempt to recover their assets, the victim sent an onchain message to the attacker, offering a $1 million "whitehat bounty" if 98% of the stolen funds were returned.
In the message, the victim wrote: “We have formally filed a criminal complaint. With the support of law enforcement agencies, cybersecurity units, and various blockchain protocols, we have gathered significant information and are able to take action regarding your activities.”
This incident is reminiscent of a similar event in May 2024, when an Ethereum user lost $71 million worth of wrapped bitcoin due to an address poisoning attack. In that case, the victim recovered almost all of the funds after on-chain negotiations, with the assistance of blockchain security company Match Systems and the Cryptex exchange. However, with the funds in this new incident quickly transferred to Tornado Cash, the likelihood of recovery remains questionable.
Follow CoinMoi to stay updated on the hottest issues in the crypto market. Okay!!!
The article "Crypto Trader Loses $50 Million Due to Wallet Address Scamming" first appeared on CoinMoi .
