Beware! Users' 50 million USDT fall victim to address poisoning scams, with similar starting and ending characters as the "killer move"

2025-12-20 01:10:11

【ChainNews】The SlowMist Security Team recently exposed a serious wallet address attack incident. A user encountered an address “poisoning” trap during a fund transfer, ultimately losing nearly 50 million USDT.

The incident unfolded as follows: The user followed the usual procedure, first sending a small amount of USDT to the target address for testing. After confirming the receipt was normal, they prepared to transfer a large sum. But at this critical point, a problem occurred—when copying the address from the transaction record, the user accidentally copied a forged malicious address. How cunning was this fake address? The first 3 characters and the last 4 characters were identical to the real address, but the middle part had been tampered with.

Within a few minutes, $50 million was sent to a wallet controlled by the attacker. This method exploits the psychological vulnerability that users find it difficult to verify each character when copying and pasting. This incident also serves as a reminder to everyone: when making large transfers, never rush; always verify the complete address multiple times, or use safer methods such as scanning QR codes or official links to confirm the recipient.

View Original

This page may contain third-party content, which is provided for information purposes only (not representations/warranties) and should not be considered as an endorsement of its views by Gate, nor as financial or professional advice. See Disclaimer for details.

15 Likes

Reward
15
5
Repost
Share

Comment

0/400

PonziDetector

· 22h ago

Wow... 50 million just disappeared like that, same at the beginning and end but changed in the middle? This trick is really clever, completely unpreventable. --- It's another case of address poisoning, when will there be a fundamental solution? --- I'm really cautious, that’s why I check ten times before making a transfer, I’d rather be a pain than get played for a sucker. --- The trick of having similar characters at the beginning and end is really ruthless, users have no way to deal with it. --- 50 million USD just gone like that, this kind of eyewash always catches people, awareness is really important. --- Such a simple operation as copy-pasting can be exploited, the security risks in web3 are indeed significant. --- No way, just having the first 3 and last 4 characters the same can confuse people? It really feels like the human eye is not reliable. --- The cost of this attack is so low, but the returns... I can't even calculate. --- I've reminded everyone so many times, small amount testing is indeed useful, but it’s not 100% foolproof. --- Slow fog is back to save the day, this security team is doing a great job.

View OriginalReply0

RamenDeFiSurvivor

· 12-20 01:38

Wow, 50 million just gone like that? Same beginning and end, with bloodshed in the middle. This trick is really clever, we retail investors can't even defend against it. --- It's another address poisoning attack, I'm fed up. Feels like these scams are getting more and more aggressive. For large transfers, you really need to use a hardware wallet, everyone. --- I dare not copy and paste anymore, I have to look at each letter one by one to be sure. But who the hell has that much free time? --- This guy is too unlucky. The test transfer went through, but he still got caught. What does that mean? It means there's no such thing as a 100% safe operation process. --- Can you steal 50 million just because the first 3 and last 4 characters are the same? The security design of this wallet is really problematic. MetaMask isn't doing anything about it. --- I've already said that you need to be careful with addresses in transaction records. Looks like some people are still learning the hard way from blood and tears. --- 50 million, brother. I haven't earned that much in my whole life. How did the attacker come up with this move? Anyway, I’ve learned a lesson.

View OriginalReply0

HodlVeteran

· 12-20 01:37

Damn, this move is brilliant... the beginning and end are the same, but the middle is a bloodbath, even more ruthless than when I was phished back in the day. 50 million just disappeared like that, I wonder how this guy is doing now. My lesson is, no matter how careful you are, it's never enough. For large transfers, just be honest and read every word carefully. Copying and pasting is really a knife.

View OriginalReply0

pvt_key_collector

· 12-20 01:37

50 million directly gone, this address poisoning is really the ultimate... Can it be tricked just because the beginning and end are the same? That's why I have to look multiple times every time I transfer money. It's a hassle, but I really have to be so cautious. Copy-pasting seems simple, but it's actually full of traps. For large transfers, you should still use a hardware wallet or multi-signature; don't cut corners. This guy should be able to recover it, right? Or is it just gone like that?

View OriginalReply0

BearMarketSurvivor

· 12-20 01:26

Damn, 50 million just disappeared? Even something as simple as copy and paste can get you scammed. I need to check my wallet address blacklist.

View OriginalReply0

Trending TopicsView More
#2025GateYearEndSummary
40.39K Popularity
#CryptoMarketMildlyRebounds
2.83K Popularity
#GoldPrintsNewATH
946 Popularity
#BOJRateHikesBackontheTable
732 Popularity
#2026CryptoOutlook
727 Popularity

Hot Gate FunView More

1
蹦迪蹦迪
MC:$3.57KHolders:1
0.00%
2
DogdDogd
MC:$3.57KHolders:1
0.00%
3
07860786
MC:$3.65KHolders:2
0.14%
4
wlwife less
MC:$3.54KHolders:1
0.00%
5
oxSunoxSun
MC:$3.56KHolders:1
0.00%

Sitemap