A cryptocurrency investor lost 4,556 Ethereum, valued at approximately $12.4 million, to an address-poisoning attack. Specter, a pseudonymous blockchain analyst, reported that the theft occurred roughly 32 hours after the attacker dusted the victim’s wallet with a nominal transaction to plant the fake address in recent activity.
The attacker spent two months monitoring the victim’s transaction activity. During this period, the hacker identified a deposit address used for OTC settlements. The attacker first initiated a minor transaction to the victim’s wallet, a tactic designed to populate the user’s activity log, ensuring the corrupted address appeared prominently at the top of the recent transactions history.
Relying on this compromised list, the victim inadvertently copied the poisoned address rather than the legitimate source when attempting to move the $12.4 million. This incident marks the second major eight-figure theft via this vector in recent weeks.
Last month, a separate crypto trader lost approximately $50 million in a nearly identical scheme. Industry stakeholders argue that these attacks are proliferating because wallet interfaces truncate addresses to save screen space. Meanwhile, this breach raises serious questions regarding verification protocols among institutional-grade investors.
While retail traders often rely on copy-pasting addresses, entities moving millions typically employ strict whitelisting procedures and test transactions. Consequently, blockchain security firm Scam Sniffer has urged investors to abandon reliance on transaction histories for recurring crypto payments.
Leave a Reply