How a single copy-paste mistake cost a user $50M in USDt

cointelegraphPubblicato 2025-12-20Pubblicato ultima volta 2025-12-20

Introduzione

A user lost nearly $50 million in USDt in an address poisoning scam after mistakenly copying a malicious look-alike address from their transaction history. The scam works by attackers sending small transactions to a victim's wallet using addresses that closely resemble those of the victim's trusted contacts. In this case, the victim first sent a small test transaction to the correct address but then copied a fraudulent, similar-looking address for the full $50 million transfer. Onchain investigators noted the addresses shared the same first three and last four characters, a subtle similarity that can deceive even experienced users. The stolen funds were subsequently swapped for Ether and partially laundered through Tornado Cash. This incident highlights how such attacks exploit human error rather than technical vulnerabilities. The loss occurred amid a broader surge in crypto hacks, which reached $3.4 billion in losses in 2025.

A single transaction error led to one of the largest onchain losses seen this year, after a user mistakenly sent nearly $50 million in USDt to a scam address in a classic address poisoning attack.

According to onchain investigator Web3 Antivirus, the victim lost 49,999,950 USDt (USDT) after copying a malicious wallet address from their transaction history.

Address poisoning scams rely on look-alike wallet addresses being inserted into a victim’s transaction history via small transfers. When victims later copy an address from their transaction history, they may unknowingly select the scammer’s lookalike address instead of the intended recipient.

Onchain data shows the victim initially sent a small test transaction to the correct address. Minutes later, however, the full $50 million transfer was sent to the poisoned address.

*User falls victim to address poisoning scam. Source:* *Web3 Antivirus*

Related: Attacker takes over multisig minutes after creation, drains up to $40M slowly

Subtle address similarity enough to fool experienced users

Security researcher Cos, founder of SlowMist, noted the similarity between the addresses was subtle but enough to deceive even experienced users. “You can see the first 3 characters and last 4 characters are the same,” he wrote.

The victim’s wallet had been active for roughly two years and was primarily used for USDt transfers, according to onchain analysis. Shortly before the loss, the funds were withdrawn from Binance, suggesting the wallet was being actively managed at the time of the incident.

“This is the brutal reality of address poisoning, an attack that doesn’t rely on breaking systems, but on exploiting human habits,” another onchain analyst wrote.

The attacker has since swapped the stolen USDt for Ether (ETH), splitting it into multiple wallets, and partially moved it into Tornado Cash.

Related: Binance denies reports of delayed action over funds linked to Upbit hack

Crypto hacks hit $3.4 billion in 2025

As Cointelegraph reported, crypto-related hacks resulted in $3.4 billion in losses in 2025, marking the highest annual total since 2022. The surge was largely driven by a handful of massive breaches targeting major crypto entities rather than a broad rise in average attack size.

Just three incidents accounted for 69% of total losses this year, led by the $1.4 billion hack of crypto exchange Bybit, which alone made up nearly half of all stolen funds.

Magazine: 2026 is the year of pragmatic privacy in crypto — Canton, Zcash and more

Domande pertinenti

QWhat is an address poisoning scam and how did it lead to a $50 million loss?

AAn address poisoning scam is a type of attack where a scammer sends a small transaction to a victim's wallet using a look-alike address. The victim, when later copying an address from their transaction history, may accidentally select the scammer's fraudulent address instead of the legitimate one. In this case, the user mistakenly sent $50 million in USDt to the poisoned address.

QWhat detail did the security researcher from SlowMist point out about the fraudulent address?

AThe security researcher, Cos from SlowMist, noted that the similarity between the legitimate and the fraudulent address was very subtle. He pointed out that the first 3 characters and the last 4 characters of the two addresses were identical, which was enough to deceive even experienced users.

QWhat did the attacker do with the stolen USDt funds after the scam was successful?

AAfter successfully stealing the USDt, the attacker swapped the funds for Ether (ETH). They then split the ETH into multiple wallets and partially moved it into the privacy-focused mixing service, Tornado Cash.

QHow much was lost to crypto hacks in 2025 according to the article, and what was a major contributing factor?

AAccording to the article, crypto-related hacks resulted in $3.4 billion in losses in 2025. The surge was largely driven by a handful of massive breaches targeting major crypto entities, with just three incidents accounting for 69% of the total losses.

QWhat preliminary step did the victim take before sending the full $50 million, and why was it ineffective in preventing the loss?

AThe victim initially sent a small test transaction to the correct address. However, this was ineffective because the scammer's look-alike address was already in their transaction history from a previous, small 'poisoning' transfer. When the victim went to copy the address for the large transfer, they mistakenly selected the fraudulent one.

Letture associate

Crypto market ‘isn’t scared enough’ to call a bottom yet: Santiment

According to Santiment founder Maksim Balashevich, the crypto market has not yet shown sufficient fear on social media to confirm a bottom, suggesting Bitcoin could still drop to around $75,000. He noted that widespread optimism about a near-term reversal contradicts typical bottom formation sentiment. Despite this outlook, the Crypto Fear & Greed Index has been in "Extreme Fear" territory since mid-December. Other analysts offer mixed predictions, with Fidelity’s Jurrien Timmer warning of a potential decline to $65,000 in 2026, while Bitwise’s Matt Hougan remains bullish. Market indicators show conflicting signals, including risk-off positioning among traders.

cointelegraph38 min fa

Crypto market ‘isn’t scared enough’ to call a bottom yet: Santiment

cointelegraph38 min fa

Canton Network surges on SEC-linked boost – Can CC extend gains?

The Canton Network's native token CC surged 11% in 24 hours, becoming the top daily gainer, following a key regulatory development. The U.S. SEC issued a non-action letter to the Depository Trust & Clearing Corporation (DTCC), clearing the path for tokenized treasury infrastructure on the network. This sparked significant bullish sentiment, with 89% of voters expecting further price gains. The news adds to a series of partnerships that have historically supported CC's price, including a recent integration that previously pushed it up 5%. Market data shows strong bullish positioning. Open interest-weighted funding rates remain positive, indicating long dominance, with $14.28 million flowing into long contracts. Spot markets also saw net inflows of $6.40 million over the past week. However, liquidation heatmaps suggest caution, showing heavier liquidity clusters below the current price, which could lead to a short-term pullback. Despite this, overall sentiment remains constructive due to regulatory clarity, institutional partnerships, and sustained capital inflows.

ambcrypto49 min fa

Canton Network surges on SEC-linked boost – Can CC extend gains?

ambcrypto49 min fa

XRP Analyst Points Out The Best Range To Take Profit

XRP analyst Protechtor identifies a key profit-taking range between $2.50 and $2.68, suggesting a potential 30.9-40.3% upside from the current price of around $1.91. This target aligns with a major resistance zone and prior market reactions. The analysis notes that XRP recently completed a liquidity grab and reacted from the bottom of a running flat Elliott Wave formation, indicating a possible short-term upward move. A stop loss near $1.60 is recommended to manage risk. Despite recent bearish trends, the analyst expects a bounce, citing stretched bearish pressure and a approach toward the 20-month Moving Average, which has historically supported bull cycles.

bitcoinist50 min fa

XRP Analyst Points Out The Best Range To Take Profit

bitcoinist50 min fa

Analyzing Ethereum’s price rebound as BlackRock shifts $109M in ETH

Ethereum's price rebound to around $2,980 drew significant institutional and whale activity, with large holders like BlackRock moving $108.4M in ETH to Coinbase. This sparked questions over whether it signaled expected downside or profit-taking. Despite the price increase, spot trading volume fell 52%, suggesting weak conviction, while rising Open Interest indicated leveraged positioning was driving stability. Technically, ETH is consolidating in a tight range between $2,790 and $3,000. A break above $3,000 could reverse the downtrend, while a drop below $2,790 may trigger strong selling. Indicators like the ADX and CMF support a bearish near-term outlook, pointing to underlying caution despite the rebound.

ambcrypto1 h fa

Analyzing Ethereum’s price rebound as BlackRock shifts $109M in ETH

ambcrypto1 h fa

Here’s how Euro stablecoins hit $1B despite weak hype

Euro-denominated stablecoins have surpassed $1 billion in market value, doubling this year, with Circle’s EURC driving most of the growth and now holding a dominant market share. EURC holders have also surged past 150,000. Meanwhile, USD Coin (USDC) continues expanding across multiple blockchains, with supply on XDC Network exceeding $200 million and holder counts rising significantly on Base, Polygon, and Solana. Cross-chain transfer volumes via CCTP reached a record high of over $30 billion in Q4 2025, indicating that growth is increasingly driven by transaction activity rather than asset accumulation.

ambcrypto2 h fa

Here’s how Euro stablecoins hit $1B despite weak hype

ambcrypto2 h fa

Trading

Spot

Futures

Discussioni

Benvenuto nella Community HTX. Qui puoi rimanere informato sugli ultimi sviluppi della piattaforma e accedere ad approfondimenti esperti sul mercato. Le opinioni degli utenti sul prezzo di A A sono presentate come di seguito.