Copy-Paste Error Causes $50M USDt Loss in Address Poisoning Scam

Major On-Chain Losses Due to Address Poisoning Attack

A significant onchain fraud incident has highlighted the ongoing risks associated with address poisoning scams in the cryptocurrency space. An individual mistakenly transferred nearly USD 50 million in USDt (Tether) to a scammer’s wallet, resulting in one of the largest losses seen this year. The mistake occurred after the victim copied a malicious address from their transaction history, falling victim to a sophisticated address poisoning scheme that relies on subtle address similarities to deceive even seasoned users.

Key Takeaways

• An individual lost almost USD 50 million USDt due to a classic address poisoning scam.
• The attack exploited the victim’s reliance on copying addresses from transaction history, which contained lookalike scam addresses.
• Onchain analysis shows the initial small transfer was legitimate, but the subsequent full amount was sent to the poisoned address.
• The attacker has moved the stolen funds into Ether and partially laundered through Tornado Cash.

Tickers mentioned: USDt, ETH

Sentiment: Cautiously Bearish

Price impact: Negative, as scams undermine trust and highlight ongoing security challenges in the crypto ecosystem.

Market context: This incident underscores the persistent security threats within the cryptocurrency sector amid rising onchain losses and high-profile breaches.

Details of the Scam and Its Implications

The incident was uncovered through onchain investigations, which revealed that the victim’s wallet had been active for approximately two years and primarily used for USDt transactions. Notably, the funds were withdrawn from Binance shortly before the loss, indicating active management of the wallet prior to the theft.

According to security researcher Cos, founder of SlowMist, the scam’s success rested on the subtle similarities between the malicious address and the legitimate one. “You can see the first three characters and last four characters are the same,” he explained, emphasizing how such minor overlaps can deceive even experienced users. The attacker’s strategy involved small transfers that layered lookalike addresses into transaction histories, making future copying attempts risky.

Following the theft, the attacker swiftly swapped the USDt for Ether and divided the proceeds into multiple wallets. Part of the stolen funds has been moved into Tornado Cash, a privacy-focused mixing service, complicating efforts to trace the assets. The incident serves as a stark reminder of how human habits can be exploited in security breaches, relying less on exploiting system vulnerabilities and more on behavioral deception.

The rising prevalence of address poisoning scams coincides with a surge in crypto-related hacks, which resulted in approximately $3.4 billion in losses in 2025. Notably, three major breaches, including a nearly $1.4 billion hack of the derivatives platform Bybit, contributed to over two-thirds of total losses this year, illustrating the still-prevalent risks facing the industry.

This article was originally published as Copy-Paste Error Causes $50M USDt Loss in Address Poisoning Scam on Crypto Breaking News – your trusted source for crypto news, Bitcoin news, and blockchain updates.