As a researcher with experience in the field of cryptocurrency and blockchain technology, I cannot stress enough the importance of being vigilant when it comes to protecting one’s digital assets. The recent case of a wealthy Ethereum user losing $68 million through address poisoning is a grim reminder of the potential risks that come with using decentralized finance (DeFi) platforms and holding crypto assets.


Crypto thieves have successfully swindled yet another individual out of $68 million by deceitfully making him believe he was transferring funds to someone else’s wallet.

According to blockchain records, it appears that a formerly affluent Ethereum account holder suffered a significant loss when hackers tainted the transaction history of a Bitcoin wallet to which he had previously transferred funds. Currently, this individual has approximately $1.6 million worth of crypto remaining in his Ethereum address.

The Danger Of Address Poisoning

Based on Etherscan’s information, the wallet from which the transaction was sent has a balance of 0.89 Ether (equivalent to $2,747) and 1.63 million DAI stablecoins.

The thief made off with 1155 units of Wrapped Bitcoin (WBTC) from the victim. WBTC functions similarly to a stablecoin for Bitcoin on the Ethereum network, maintaining a value equivalent to Bitcoin. However, this token is susceptible to various attacks and vulnerabilities prevalent in the Ethereum platform, including address poisoning.

“Wallet contamination, also known as ‘address poisoning,’ refers to the malicious act of sending a low-value or even zero-value transaction to another person’s digital wallet. The attacker aims to add their own address into the recipient’s transaction history.”

As a security analyst, I’ve observed that cybercriminals can manipulate cryptocurrency wallet addresses by intentionally crafting them with matching starting and ending characters to those of their intended victims’. Many popular wallet software applications truncate long addresses for display purposes, showing only the initial and final characters. This camouflage makes it difficult to distinguish subtle differences in the middle of two seemingly identical addresses at first glance.

Address Poisoning In Action

As a crypto investor, I’ve noticed an interesting pattern in a recent transaction I came across. Both the malicious actor’s wallet address and the intended victim’s address shared a similar format. They both began with “0xd9A1” and ended with “853a91”. This suggests that there may be some connection between these two addresses, possibly an attempt to deceive or manipulate transactions involving the victim’s address.

As a cautious crypto investor, I would advise against carelessly copying an unfamiliar wallet address from my transaction history, assuming it belongs to me or someone I know. The attacker’s ultimate goal is for you to make this mistake and transfer funds into their wallet instead. Always double-check the wallet address before initiating a transaction.

Last year, a group of address poisoners successfully infiltrated the SafeWallet platform, swindling $2 million from users within a week. In February, an unfortunate Kraken user lost 1 million USDT after falling prey to scammers who had contaminated their transaction history, mimicking their past interactions with the exchange.

MetaMask advises users against copying addresses from their transaction history, instead encouraging them to add frequently used addresses to their contact list so that only approved addresses are used.

The wallet provider emphasizes on its website that this recommendation is just as important for your personal address as it is for the recipients’ addresses when transferring funds.
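The look-alike trick and the contact-list advice described above can be combined into one check before sending. The sketch below is an added example, not code from MetaMask or any wallet; the function names, the 6-character truncation widths and all addresses are assumptions constructed for illustration.

```python
import re

ADDR_RE = re.compile(r"^0x[0-9a-fA-F]{40}$")  # 20-byte hex Ethereum address

def truncate(addr, head=6, tail=6):
    """Shorten an address as a wallet UI might (widths are assumptions)."""
    return f"{addr[:head]}...{addr[-tail:]}"

def classify_recipient(candidate, contacts, head=6, tail=6):
    """Compare a candidate recipient against saved contacts.

    Returns (verdict, contact_name) where verdict is one of:
      trusted   - full address equals a saved contact
      lookalike - same truncated form as a contact, different full address
      unknown   - unrelated to any contact
      invalid   - not a well-formed address
    """
    if not ADDR_RE.match(candidate):
        return ("invalid", None)
    cand = candidate.lower()  # hex is case-insensitive; casing is only a checksum
    near = None
    for name, addr in contacts.items():
        known = addr.lower()
        if cand == known:
            return ("trusted", name)
        if truncate(cand, head, tail) == truncate(known, head, tail):
            near = name  # keep scanning in case an exact match follows
    return ("lookalike", near) if near else ("unknown", None)

def poisoned_entries(history, contacts):
    """Return history rows whose counterparty imitates a saved contact."""
    return [tx for tx in history
            if classify_recipient(tx["counterparty"], contacts)[0] == "lookalike"]

# Constructed sample data: none of these addresses come from the article.
CONTACTS = {"exchange-deposit": "0xAbCd" + "1" * 30 + "eF0123"}
LOOKALIKE = "0xabcd" + "9" * 30 + "ef0123"
HISTORY = [
    {"counterparty": CONTACTS["exchange-deposit"], "value": 5.0},
    {"counterparty": LOOKALIKE, "value": 0.0},   # zero-value poisoning transfer
    {"counterparty": "0x" + "7" * 40, "value": 0.2},
]

if __name__ == "__main__":
    for tx in HISTORY:
        verdict, name = classify_recipient(tx["counterparty"], CONTACTS)
        print(truncate(tx["counterparty"]), tx["value"], verdict, name)
```

Only the "trusted" verdict rests on a full-address comparison; a "lookalike" result means the truncated display would be identical to a saved contact even though the destination differs.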

2024-05-03 22:00