How a single copy-paste mistake cost a user $50M in USDt

cointelegraphPublicado a 2025-12-20Actualizado a 2025-12-20

Resumen

A user lost nearly $50 million in USDt in an address poisoning scam after mistakenly copying a malicious look-alike address from their transaction history. The scam works by attackers sending small transactions to a victim's wallet using addresses that closely resemble those of the victim's trusted contacts. In this case, the victim first sent a small test transaction to the correct address but then copied a fraudulent, similar-looking address for the full $50 million transfer. Onchain investigators noted the addresses shared the same first three and last four characters, a subtle similarity that can deceive even experienced users. The stolen funds were subsequently swapped for Ether and partially laundered through Tornado Cash. This incident highlights how such attacks exploit human error rather than technical vulnerabilities. The loss occurred amid a broader surge in crypto hacks, which reached $3.4 billion in losses in 2025.

A single transaction error led to one of the largest onchain losses seen this year, after a user mistakenly sent nearly $50 million in USDt to a scam address in a classic address poisoning attack.

According to onchain investigator Web3 Antivirus, the victim lost 49,999,950 USDt (USDT) after copying a malicious wallet address from their transaction history.

Address poisoning scams rely on look-alike wallet addresses being inserted into a victim’s transaction history via small transfers. When victims later copy an address from their transaction history, they may unknowingly select the scammer’s lookalike address instead of the intended recipient.

Onchain data shows the victim initially sent a small test transaction to the correct address. Minutes later, however, the full $50 million transfer was sent to the poisoned address.

*User falls victim to address poisoning scam. Source:* *Web3 Antivirus*

Related: Attacker takes over multisig minutes after creation, drains up to $40M slowly

Subtle address similarity enough to fool experienced users

Security researcher Cos, founder of SlowMist, noted the similarity between the addresses was subtle but enough to deceive even experienced users. “You can see the first 3 characters and last 4 characters are the same,” he wrote.

The victim’s wallet had been active for roughly two years and was primarily used for USDt transfers, according to onchain analysis. Shortly before the loss, the funds were withdrawn from Binance, suggesting the wallet was being actively managed at the time of the incident.

“This is the brutal reality of address poisoning, an attack that doesn’t rely on breaking systems, but on exploiting human habits,” another onchain analyst wrote.

The attacker has since swapped the stolen USDt for Ether (ETH), splitting it into multiple wallets, and partially moved it into Tornado Cash.

Related: Binance denies reports of delayed action over funds linked to Upbit hack

Crypto hacks hit $3.4 billion in 2025

As Cointelegraph reported, crypto-related hacks resulted in $3.4 billion in losses in 2025, marking the highest annual total since 2022. The surge was largely driven by a handful of massive breaches targeting major crypto entities rather than a broad rise in average attack size.

Just three incidents accounted for 69% of total losses this year, led by the $1.4 billion hack of crypto exchange Bybit, which alone made up nearly half of all stolen funds.

Magazine: 2026 is the year of pragmatic privacy in crypto — Canton, Zcash and more

Criptos en tendencia

CitreaCTR

wrapped stUSDTWSTUSDT

Velodrome FinanceVELODROME

BrevisBREV

ZRX（0X）ZRX

Preguntas relacionadas

QWhat is an address poisoning scam and how did it lead to a $50 million loss?

AAn address poisoning scam is a type of attack where a scammer sends a small transaction to a victim's wallet using a look-alike address. The victim, when later copying an address from their transaction history, may accidentally select the scammer's fraudulent address instead of the legitimate one. In this case, the user mistakenly sent $50 million in USDt to the poisoned address.

QWhat detail did the security researcher from SlowMist point out about the fraudulent address?

AThe security researcher, Cos from SlowMist, noted that the similarity between the legitimate and the fraudulent address was very subtle. He pointed out that the first 3 characters and the last 4 characters of the two addresses were identical, which was enough to deceive even experienced users.

QWhat did the attacker do with the stolen USDt funds after the scam was successful?

AAfter successfully stealing the USDt, the attacker swapped the funds for Ether (ETH). They then split the ETH into multiple wallets and partially moved it into the privacy-focused mixing service, Tornado Cash.

QHow much was lost to crypto hacks in 2025 according to the article, and what was a major contributing factor?

AAccording to the article, crypto-related hacks resulted in $3.4 billion in losses in 2025. The surge was largely driven by a handful of massive breaches targeting major crypto entities, with just three incidents accounting for 69% of the total losses.

QWhat preliminary step did the victim take before sending the full $50 million, and why was it ineffective in preventing the loss?

AThe victim initially sent a small test transaction to the correct address. However, this was ineffective because the scammer's look-alike address was already in their transaction history from a previous, small 'poisoning' transfer. When the victim went to copy the address for the large transfer, they mistakenly selected the fraudulent one.

Lecturas Relacionadas

Ethereum Q1 2026 Report: Fees Decline, Users and Transaction Volume Hit New Highs

Ethereum Q1 2026 Report: Fees Down, Users & Transactions Hit New Highs Token Terminal's Q1 2026 report on Ethereum presents a pivotal development: the network achieved record highs in monthly active users (13.2M, +85.9% YoY), total transactions (200.4M, +81.5% YoY), and throughput (25.78 TPS), while transaction fees on the mainnet plummeted by 47.9% quarter-over-quarter. This shift is attributed to the network's strategic move into a "low fees for scale" phase, exemplified by the Fusaka upgrade which increased data capacity and lowered block space costs, releasing pent-up demand (a manifestation of Jevons's Paradox). The report highlights a core narrative shift for Ethereum: from a DeFi-centric blockchain to a global financial settlement layer. It maintains a dominant position in tokenized assets, holding majority market shares among top chains in stablecoins (61.8%), tokenized funds (73.0%), and tokenized commodities (84.0%). Growth in tokenized funds (+73.1% YoY) and commodities (+325.9% YoY) was particularly strong, driven by institutions like BlackRock and JPMorgan entering the space. Contrasting these usage gains, several USD-denominated value metrics declined in Q1: fully diluted market cap fell 30.3% QoQ, total value locked (TVL) dropped 11.0%, and ecosystem transaction volume decreased 24.0%. The report interprets this as Ethereum prioritizing long-term network expansion and cementing its role as the default settlement layer for finance over short-term fee capture. The commentary from Etherealize argues that, much like the early internet, Ethereum's open, permissionless model is poised to win over closed alternatives as institutional tokenization accelerates.

marsbitHace 1 hora(s)

Ethereum Q1 2026 Report: Fees Decline, Users and Transaction Volume Hit New Highs

marsbitHace 1 hora(s)

Intel CEO Liwu Chen's First Podcast Interview: Our Goal is '10x in 5-10 Years', Betting on Advanced Packaging, Glass Substrate, and Synthetic Diamond

Intel CEO Chen Liwu outlines a bold vision for the company's transformation in a podcast interview, targeting a "10x return in 5-10 years." He emphasizes a strategic shift beyond traditional process node scaling, focusing on advanced packaging (like EMIB), new materials (glass substrates, GaN, SiC, InP, synthetic diamond), and system-level integration. Key to this is Intel's foundry business, where he prioritizes building trust through superior yield, defect density, and cycle times. Chen sees strong CPU demand resurgence driven by agent AI and inference workloads. He details the Terafab collaboration with Elon Musk to address semiconductor infrastructure gaps and stresses the strategic importance of U.S.-based advanced manufacturing. Acknowledging Intel is still in the "crawl" phase of his crawl-walk-run framework, Chen believes the company's full potential—extending from its PC base into edge computing and physical AI—will become apparent by 2030-2032.

marsbitHace 1 hora(s)

Intel CEO Liwu Chen's First Podcast Interview: Our Goal is '10x in 5-10 Years', Betting on Advanced Packaging, Glass Substrate, and Synthetic Diamond

marsbitHace 1 hora(s)

He Just Raised 2.7 Billion, and Li Fei-Fei Also Invested

Pete Florence, a former senior research scientist at Google DeepMind and a key contributor to the Vision-Language-Action (VLA) model architecture, is deliberately distancing his startup, Generalist AI, from the trendy "world model" label. He argues that the industry should prioritize concrete goals over buzzwords. His goal is to create robots that can perform a vast range of unseen tasks with high speed and success rates, without needing task-specific training data. Recently, his company raised $400 million (¥2.7 billion) at a $2 billion valuation. Notable investors include NVIDIA's NVentures, Bezos Expeditions, NFDG, as well as Xiaomi co-founder Lin Bin, Zoom founder Eric Yuan, and renowned AI scientist Fei-Fei Li. Florence's approach stems from his academic background at MIT under Professor Russ Tedrake, focusing on understanding the physical world. After joining DeepMind, he developed models like Transporter Network and co-created the VLA framework. He left in 2025 to found Generalist AI. The company has launched two models: GEN-0, which demonstrated that scaling laws apply to physical motion, and GEN-1. GEN-1 was trained on over 500,000 hours of physical interaction data collected via a specialized wearable device. It achieves a 99% success rate on precise mechanical tasks like folding boxes and maintains performance three times faster than its predecessor. Florence believes GEN-1 is reaching a commercial utility threshold similar to the GPT-3 inflection point. The substantial funding round, following GEN-1's release, signifies strong investor confidence in Generalist AI's practical, goal-driven path to creating versatile, useful robots, regardless of the "world model" terminology.

marsbitHace 1 hora(s)

He Just Raised 2.7 Billion, and Li Fei-Fei Also Invested

marsbitHace 1 hora(s)

Two Legends Lost in Three Days: Is Google's AI Talent Dam Cracking?

In three days, Google lost two AI legends. On June 18, Noam Shazeer, co-author of the seminal "Attention is All You Need" paper and Gemini co-lead, left for OpenAI. Just 48 hours later, John Jumper, 2024 Nobel laureate and AlphaFold lead, departed DeepMind for Anthropic. This follows Andrej Karpathy joining Anthropic in May. These moves highlight a structural trend: top AI talent is concentrating at mission-driven, pre-IPO firms like OpenAI and Anthropic, while Google becomes a primary source. The exodus stems from a core mission mismatch. Google's ad-centric model often subordinates AI research to product and revenue goals, creating friction for pioneers like Shazeer, who returned in 2024 only to leave again. In contrast, OpenAI and Anthropic offer singular focus on pushing AI boundaries, whether towards AGI or safety-aligned models, which deeply appeals to top researchers like Jumper. Financial incentives amplify the pull. With both OpenAI and Anthropic nearing IPO, employees stand to gain immensely from equity, an upside Google's mature stock cannot match. Furthermore, the 2023 merger of Google Brain and DeepMind, intended to consolidate strength, has instead created cultural tension and slowed the path from research to product, as evidenced by Gemini's pace. This talent redistribution is reshaping the AI landscape. While Google retains vast data and compute resources, its true crisis is the quiet, continuous loss of the people who define the field's future. The real moat in AI is not infrastructure, but the concentration of brilliant minds—a battle Google is currently losing.

marsbitHace 3 hora(s)

Two Legends Lost in Three Days: Is Google's AI Talent Dam Cracking?

marsbitHace 3 hora(s)

Behind the AI Report Card, Lies a Chinese 'Exam Setter'

Beyond the familiar performance charts like MMLU-Pro and MMMU, which major AI models strive to ace, stands a key "examiner": Chinese-Canadian researcher Wenhu Chen. An assistant professor at the University of Waterloo and founder of TIGERLab, Chen addresses the crucial need for more rigorous AI evaluation. As models like GPT-4 began scoring near-perfect results on older benchmarks like MMLU, it became difficult to distinguish their true capabilities. In response, Chen introduced MMLU-Pro in 2024, featuring harder, more reasoning-focused questions with more answer choices, successfully reintroducing meaningful performance gaps. His work extends to multi-modal evaluation with MMMU and its enhanced version, MMMU-Pro. These benchmarks test a model's ability to understand and reason with complex information from images, charts, and text across diverse academic subjects, exposing the significant challenges even top models face in genuine comprehension. Chen's background in complex QA, table reasoning, and his experience at Google DeepMind on projects like Gemini inform his approach. He understands that effective benchmarks must anticipate how models might "cheat" by memorizing data or avoiding visual analysis. His lab also actively researches video understanding and generation models (e.g., UniVideo, Vamba), ensuring his evaluation work is grounded in practical model-building challenges. Now at Meta's Super Intelligence Lab, Chen continues his focus on multi-modal data and evaluation, representing the deep yet often unseen contributions of Chinese talent in shaping the fundamental tools of the AI industry.

marsbitHace 3 hora(s)

Behind the AI Report Card, Lies a Chinese 'Exam Setter'

marsbitHace 3 hora(s)

Trading

Spot

Futuros

Artículos destacados

Qué es XAG

El contrato perpetuo XAGUSDT es el símbolo de negociación para la plata cotizada en dólares estadounidenses, representando 1 onza troy de plata.

8 Vistas totalesPublicado en 2026.06.18Actualizado en 2026.06.18

Cómo comprar XAG

¡Bienvenido a HTX.com! Hemos hecho que comprar Silver (XAG) sea simple y conveniente. Sigue nuestra guía paso a paso para iniciar tu viaje de criptos.Paso 1: crea tu cuenta HTXUtiliza tu correo electrónico o número de teléfono para registrarte y obtener una cuenta gratuita en HTX. Experimenta un proceso de registro sin complicaciones y desbloquea todas las funciones.Obtener mi cuentaPaso 2: ve a Comprar cripto y elige tu método de pagoTarjeta de crédito/débito: usa tu Visa o Mastercard para comprar Silver (XAG) al instante.Saldo: utiliza fondos del saldo de tu cuenta HTX para tradear sin problemas.Terceros: hemos agregado métodos de pago populares como Google Pay y Apple Pay para mejorar la comodidad.P2P: tradear directamente con otros usuarios en HTX.Over-the-Counter (OTC): ofrecemos servicios personalizados y tipos de cambio competitivos para los traders.Paso 3: guarda tu Silver (XAG)Después de comprar tu Silver (XAG), guárdalo en tu cuenta HTX. Alternativamente, puedes enviarlo a otro lugar mediante transferencia blockchain o utilizarlo para tradear otras criptomonedas.Paso 4: tradear Silver (XAG)Tradear fácilmente con Silver (XAG) en HTX's mercado spot. Simplemente accede a tu cuenta, selecciona tu par de trading, ejecuta tus trades y monitorea en tiempo real. Ofrecemos una experiencia fácil de usar tanto para principiantes como para traders experimentados.

5 Vistas totalesPublicado en 2026.06.18Actualizado en 2026.06.18

Cómo comprar XAU

¡Bienvenido a HTX.com! Hemos hecho que comprar Gold (XAU) sea simple y conveniente. Sigue nuestra guía paso a paso para iniciar tu viaje de criptos.Paso 1: crea tu cuenta HTXUtiliza tu correo electrónico o número de teléfono para registrarte y obtener una cuenta gratuita en HTX. Experimenta un proceso de registro sin complicaciones y desbloquea todas las funciones.Obtener mi cuentaPaso 2: ve a Comprar cripto y elige tu método de pagoTarjeta de crédito/débito: usa tu Visa o Mastercard para comprar Gold (XAU) al instante.Saldo: utiliza fondos del saldo de tu cuenta HTX para tradear sin problemas.Terceros: hemos agregado métodos de pago populares como Google Pay y Apple Pay para mejorar la comodidad.P2P: tradear directamente con otros usuarios en HTX.Over-the-Counter (OTC): ofrecemos servicios personalizados y tipos de cambio competitivos para los traders.Paso 3: guarda tu Gold (XAU)Después de comprar tu Gold (XAU), guárdalo en tu cuenta HTX. Alternativamente, puedes enviarlo a otro lugar mediante transferencia blockchain o utilizarlo para tradear otras criptomonedas.Paso 4: tradear Gold (XAU)Tradear fácilmente con Gold (XAU) en HTX's mercado spot. Simplemente accede a tu cuenta, selecciona tu par de trading, ejecuta tus trades y monitorea en tiempo real. Ofrecemos una experiencia fácil de usar tanto para principiantes como para traders experimentados.

7 Vistas totalesPublicado en 2026.06.18Actualizado en 2026.06.18

Discusiones

Bienvenido a la comunidad de HTX. Aquí puedes mantenerte informado sobre los últimos desarrollos de la plataforma y acceder a análisis profesionales del mercado. A continuación se presentan las opiniones de los usuarios sobre el precio de A (A).