A single crypto victim lost $12.25 million in ETH after falling for an "address poisoning" scam

Address poison attackers have stolen 4,556 ETH ($12.25 million) from a single victim after an earlier attack cost a trader $50 million in December last year. 

An unlucky cryptocurrency victim recently lost 4,556 ETH, valued at $12.25 million, to a sophisticated “address poisoning” attack. The incident was reported by the blockchain security platform Scam Sniffer.

Traders are now being warned to never copy addresses from their transaction history due to an increase in address poisoning scams.

How do scammers use ‘address poisoning’ to steal millions?

Overall, there has been a record-breaking surge in crypto theft, including a nearly $50 million loss in December 2025 and over 1 million poisoning attempts being detected every day on the Ethereum network.

The victim, using the address 0xd6741220a947941bF290799811FcDCeA8AE4A7Da, intended to send funds to a legitimate contact. However, they unknowingly copied a “poisoned” address from their transfer history.

The scammer’s address (0x6d9052b2DF589De00324127fe2707eb34e592e48) was specifically designed to look like the correct one (0x6D90CC8Ce83B6D0ACf634ED45d4bCc37eDdD2E48).

Address poisoning attacks take advantage of human error, and how crypto wallets display addresses for easier viewing. For example, an address might be shown as 0x6D90…2E48. Scammers use powerful software to generate millions of “vanity” addresses until they find one that matches those first and last few characters.

Once they have a matching address, they send a tiny amount of crypto or even a transaction with zero value to a user’s wallet, which puts the scammer’s address into their recent history. The next time the user attempts to copy that address from their history, they could very easily mistake the scammer’s address for the correct one.

Once sent, the money is gone forever because blockchain transactions cannot be reversed.

Security experts from companies like Cyvers and Immunefi report that these attacks are now happening at an industrial scale.

In January 2026, Ethereum transactions hit an all-time high of over 2.8 million per day, and analysts from Citi believe a large portion of this activity is caused by scammers sending millions of these “poison” transactions to catch a few unlucky victims.

Other major crypto thefts have happened recently

Another trader lost nearly $50 million (49,999,950 USDT) in a similar poisoning attack back in December 2025. In that case, the victim even sent a “test transaction” of 50 USDT to be safe. However, the scammer’s automated script immediately saw the test and “poisoned” the history before the victim could send the remaining $50 million. The attacker quickly converted the stolen funds into DAI and then ETH to prevent the money from being frozen.

On January 21, 2026, the Saga EVM blockchain had to be paused after a hack drained $7 million. Earlier in January, the Truebit protocol lost $26.6 million in ETH when an attacker exploited an older security hole in its system, sending the token’s price crashing by nearly 100%.

Even larger organizations like the French crypto tax platform called Waltio received a ransom demand from the ShinyHunters hacker group, which was claiming to have stolen data from 50,000 users.

In 2025 alone, over $17 billion was stolen through various scams. Chainalysis reports that “impersonation scams,” which include address poisoning, grew by a staggering 1,400% compared to the year before.

Claim your free seat in an exclusive crypto trading community - limited to 1,000 members.