Trader Loses Nearly 50 Million USD in One of the Largest Address Poisoning Attacks in History

A cryptocurrency trader has suffered nearly 50 million USD in losses after becoming a victim of a sophisticated address poisoning attack – considered one of the largest individual incidents ever recorded. This incident shows that even experienced users can be defeated by very small mistakes in wallet operations. After the incident, the victim sent a direct message on the blockchain, offering a reward of 1 million USD to anyone who assists in recovering the assets, while also confirming that they have filed a criminal lawsuit. However, as of now, the entire amount has not yet been recovered. The Development of the Address Poisoning Attack The incident occurred around December 20, 2025, exploiting a very common habit in the crypto community: copying wallet addresses from transaction history instead of verifying them from a reliable source. The attack process occurs in the following steps: The victim took a familiar safety step: testing a transfer of 50 USDT to a valid receiving address. Immediately afterward, the attacker activated an automated script. A fake wallet address was created with the same first and last characters as the real address. This fake address sent a very small transaction to the victim's wallet, causing it to appear in the transaction history. When the trader executed the main transaction, close to 50 million USDT, they mistakenly copied the fake address from the history, believing it to be the previously verified address. Just one wrong copy-paste operation, all assets have been transferred directly into the hands of the attacker. Quickly Launder Money to Erase Traces As soon as the attacker received the huge sum of money, they acted extremely quickly and in an organized manner: USDT is converted to DAI – a stablecoin that cannot be frozen. Then, DAI is swapped for about 16,680 ETH. Most of this ETH is sent through Tornado Cash, a mixing service aimed at obscuring transaction flows and making on-chain tracing difficult. This chain of actions almost eliminates the ability to recover assets using conventional blockchain investigation methods. On-Chain Rewards and Legal Threats In a last-ditch effort to salvage the situation, the victim sent a direct message on the blockchain to the attacker: Propose to refund 98% of the stolen assets. Allow the attacker to keep 1 million USD as a “white hat bounty”. Warn that if there is no response within 48 hours, the case will be escalated for investigation and coordinated with international law enforcement agencies. However, to date, there has been no public feedback, and the assets have not yet been returned. Why is Address Poisoning Extremely Dangerous? Address poisoning is dangerous because it targets the user's habit of visually checking. Most wallets only display part of the address. Users usually only match the first and last characters. An attacker only needs to create a “similar” address to deceive. This incident shows that address poisoning is no longer a minor nuisance, but has become a form of attack that can deplete assets on an organizational scale. How to Prevent Address Poisoning Security experts recommend: Always check the entire wallet address, character by character, especially for large transactions. Use the address book in the wallet for frequently used addresses, avoid copying from transaction history. Be cautious with unusual small transactions from strange addresses or “similar-looking” addresses. Prefer hardware wallet ( that displays the full address on a separate screen, requiring users to manually verify before signing the transaction. Conclusion The loss of nearly 50 million USD is a stark warning for the entire crypto community: just one careless action can lead to an irreversible disaster. In a decentralized world: No refundsNo customer supportNo opportunity to correct mistakes Slowing down for a few seconds to verify could be the difference between a normal transaction and a loss of tens of millions USD.