TLDR:
- Victim lost 4,556 ETH worth $12.25 million by copying a fraudulent address from transaction history.
- Scammers generate vanity addresses matching legitimate wallets to trick users into sending funds.
- Ethereum network experiences over 1 million address poisoning attempts every single day currently.
- Impersonation scams including address poisoning surged 1,400% with $17 billion stolen in 2025.
A cryptocurrency holder lost 4,556 ETH valued at approximately $12.25 million through an address poisoning attack, according to blockchain security firm Scam Sniffer.
The victim copied a fraudulent address from their transaction history instead of the intended recipient’s wallet. This incident adds to mounting crypto theft cases affecting the Ethereum network.
Security experts now warn users against copying addresses from their transfer histories.
Anatomy of the Million-Dollar Theft
The victim, operating from wallet address 0xd6741220a947941bF290799811FcDCeA8AE4A7Da, attempted to transfer funds to a known contact.
However, the user inadvertently selected a scammer’s address from recent transactions. The fraudulent wallet 0x6d9052b2DF589De00324127fe2707eb34e592e48 closely resembled the legitimate address 0x6D90CC8Ce83B6D0ACf634ED45d4bCc37eDdD2E48.
Scam Sniffer reported the attack on X, warning that “another victim lost 4,556 ETH ($12.25M) by copying the wrong address from a contaminated transfer history.”
The security firm emphasized a critical safety measure, stating users should “never copy the address from transfer histories.” Address poisoning exploits how cryptocurrency wallets truncate long addresses for display purposes.
Attackers deploy automated software to generate millions of vanity addresses matching the first and last characters of target wallets.
When users view shortened versions like 0x6D90…2E48, they cannot distinguish between legitimate and fraudulent addresses. Scammers then send negligible amounts or zero-value transactions to populate victims’ recent activity.
The Ethereum network currently experiences over 1 million poisoning attempts daily, according to security analysts.
Blockchain transactions remain irreversible once confirmed, making stolen funds unrecoverable. This immutability feature transforms simple mistakes into permanent financial losses for affected users.
Escalating Wave of Crypto Security Breaches
December 2025 witnessed another catastrophic address poisoning case involving 49,999,950 USDT, nearly $50 million in losses. That victim implemented security measures by sending a 50 USDT test transaction first.
The scammer’s automated system detected the test transfer and immediately poisoned the transaction history before the main transfer.
The attacker converted stolen USDT into DAI and subsequently ETH to prevent asset freezing by authorities. Cyvers and Immunefi security researchers confirm these attacks now operate at industrial scale.
Citi analysts suggest the recent spike in Ethereum transactions exceeding 2.8 million daily stems partly from mass poisoning campaigns.
January 2026 brought additional security incidents across multiple blockchain platforms. The Saga EVM blockchain suspended operations on January 21 following a $7 million exploit.
Truebit protocol suffered $26.6 million in ETH losses when hackers exploited legacy vulnerabilities, causing token values to collapse nearly 100%.
French cryptocurrency tax platform Waltio faced ransom demands from ShinyHunters hacking group claiming data theft affecting 50,000 users.
Chainalysis data reveals that impersonation scams, including address poisoning, surged 1,400% year-over-year. Total cryptocurrency theft reached $17 billion throughout 2025, establishing new records for digital asset crime.
