How a single copy-paste mistake cost a user $50M in USDt

cointelegraphPubblicato 2025-12-20Pubblicato ultima volta 2025-12-20

Introduzione

A user lost nearly $50 million in USDt in an address poisoning scam after mistakenly copying a malicious look-alike address from their transaction history. The scam works by attackers sending small transactions to a victim's wallet using addresses that closely resemble those of the victim's trusted contacts. In this case, the victim first sent a small test transaction to the correct address but then copied a fraudulent, similar-looking address for the full $50 million transfer. Onchain investigators noted the addresses shared the same first three and last four characters, a subtle similarity that can deceive even experienced users. The stolen funds were subsequently swapped for Ether and partially laundered through Tornado Cash. This incident highlights how such attacks exploit human error rather than technical vulnerabilities. The loss occurred amid a broader surge in crypto hacks, which reached $3.4 billion in losses in 2025.

A single transaction error led to one of the largest onchain losses seen this year, after a user mistakenly sent nearly $50 million in USDt to a scam address in a classic address poisoning attack.

According to onchain investigator Web3 Antivirus, the victim lost 49,999,950 USDt (USDT) after copying a malicious wallet address from their transaction history.

Address poisoning scams rely on look-alike wallet addresses being inserted into a victim’s transaction history via small transfers. When victims later copy an address from their transaction history, they may unknowingly select the scammer’s lookalike address instead of the intended recipient.

Onchain data shows the victim initially sent a small test transaction to the correct address. Minutes later, however, the full $50 million transfer was sent to the poisoned address.

*User falls victim to address poisoning scam. Source:* *Web3 Antivirus*

Related: Attacker takes over multisig minutes after creation, drains up to $40M slowly

Subtle address similarity enough to fool experienced users

Security researcher Cos, founder of SlowMist, noted the similarity between the addresses was subtle but enough to deceive even experienced users. “You can see the first 3 characters and last 4 characters are the same,” he wrote.

The victim’s wallet had been active for roughly two years and was primarily used for USDt transfers, according to onchain analysis. Shortly before the loss, the funds were withdrawn from Binance, suggesting the wallet was being actively managed at the time of the incident.

“This is the brutal reality of address poisoning, an attack that doesn’t rely on breaking systems, but on exploiting human habits,” another onchain analyst wrote.

The attacker has since swapped the stolen USDt for Ether (ETH), splitting it into multiple wallets, and partially moved it into Tornado Cash.

Related: Binance denies reports of delayed action over funds linked to Upbit hack

Crypto hacks hit $3.4 billion in 2025

As Cointelegraph reported, crypto-related hacks resulted in $3.4 billion in losses in 2025, marking the highest annual total since 2022. The surge was largely driven by a handful of massive breaches targeting major crypto entities rather than a broad rise in average attack size.

Just three incidents accounted for 69% of total losses this year, led by the $1.4 billion hack of crypto exchange Bybit, which alone made up nearly half of all stolen funds.

Magazine: 2026 is the year of pragmatic privacy in crypto — Canton, Zcash and more

Crypto di tendenza

CitreaCTR

wrapped stUSDTWSTUSDT

Velodrome FinanceVELODROME

BrevisBREV

ZRX（0X）ZRX

Domande pertinenti

QWhat is an address poisoning scam and how did it lead to a $50 million loss?

AAn address poisoning scam is a type of attack where a scammer sends a small transaction to a victim's wallet using a look-alike address. The victim, when later copying an address from their transaction history, may accidentally select the scammer's fraudulent address instead of the legitimate one. In this case, the user mistakenly sent $50 million in USDt to the poisoned address.

QWhat detail did the security researcher from SlowMist point out about the fraudulent address?

AThe security researcher, Cos from SlowMist, noted that the similarity between the legitimate and the fraudulent address was very subtle. He pointed out that the first 3 characters and the last 4 characters of the two addresses were identical, which was enough to deceive even experienced users.

QWhat did the attacker do with the stolen USDt funds after the scam was successful?

AAfter successfully stealing the USDt, the attacker swapped the funds for Ether (ETH). They then split the ETH into multiple wallets and partially moved it into the privacy-focused mixing service, Tornado Cash.

QHow much was lost to crypto hacks in 2025 according to the article, and what was a major contributing factor?

AAccording to the article, crypto-related hacks resulted in $3.4 billion in losses in 2025. The surge was largely driven by a handful of massive breaches targeting major crypto entities, with just three incidents accounting for 69% of the total losses.

QWhat preliminary step did the victim take before sending the full $50 million, and why was it ineffective in preventing the loss?

AThe victim initially sent a small test transaction to the correct address. However, this was ineffective because the scammer's look-alike address was already in their transaction history from a previous, small 'poisoning' transfer. When the victim went to copy the address for the large transfer, they mistakenly selected the fraudulent one.

Letture associate

Analysis of the Latest Portfolio Adjustment by the "Top Player" in the U.S. Stock Market: $9 Billion Short on NVIDIA, Shifting Focus to Power and Memory Sectors

AI investor Leopold Aschenbrenner has made a significant portfolio shift, taking a $9 billion nominal short position against top AI infrastructure stocks like NVIDIA, ASML, and Oracle. Simultaneously, he is redirecting capital towards what he sees as the next critical bottlenecks in the AI boom: power, memory, and data center networking, alongside private investments in AI model companies like Anthropic. This move is interpreted not as a call that the AI bubble has burst, but as a rotation within the infrastructure stack. The analysis highlights NVIDIA's recent $25 billion bond issuance as a potential signal, questioning why a cash-rich company would seek external debt despite high profits and increased dividends/buybacks. The core investment thesis is that the initial, crowded "picks and shovels" trade in semiconductors is maturing. The next wave of capital is expected to flow into the physical and logistical constraints of AI expansion: electricity supply, memory chip capacity, data center construction, and enabling technologies like optical networking (fiber) for high-bandwidth communication, where copper remains crucial for short distances. Aschenbrenner's substantial (approx. 20% of fund) private stake in Anthropic is noted as a key part of his strategy—investing directly in the "mine" (AI models) rather than just the "shovels." The discussion concludes that while certain segments may be overvalued, the overarching AI infrastructure demand driven by real product usage remains robust. The most promising long-term investments are seen in essential, non-sexy infrastructure—particularly energy and power companies—whose demand is viewed as a global constant irrespective of AI's cyclicality.

marsbit5 min fa

Analysis of the Latest Portfolio Adjustment by the "Top Player" in the U.S. Stock Market: $9 Billion Short on NVIDIA, Shifting Focus to Power and Memory Sectors

marsbit5 min fa

BIT Research: Liquidity is Disappearing, Will Bitcoin Replay the Bottoming Pattern of 2022?

The crypto market is currently in an adjustment phase driven by policy expectations and liquidity shifts. Despite a brief rebound fueled by geopolitical easing and SpaceX's strong IPO performance, unexpectedly hawkish signals from new Fed Chair Kevin Warsh have removed anticipated easing support. Concurrently, stablecoin liquidity is shrinking, with insufficient new capital inflows, pushing the market into a typically quiet summer period. Pricing lacks catalysts for a sustained rally. Daily trading volume has significantly contracted, stablecoin growth has slowed markedly, and the supportive effect of Strategy's (formerly MicroStrategy) STRC preferred stock-financed Bitcoin purchases is fading. Amid policy uncertainty, seasonal weakness, and liquidity contraction, Bitcoin faces near-term downward pressure. Warsh's hawkish pivot and refusal to provide a clear policy outlook have increased risk premiums, historically unfavorable for Bitcoin. Technically, the trend remains bearish below $73,700, with $62,446 as critical support. A break below could accelerate declines, though a prolonged consolidation phase, similar to 2022's bottoming process, is possible. Liquidity is a core constraint. Current daily volume is around $500 billion, roughly 25% of the peak during the July-Oct 2025 rally. The 12-month growth rates for USDT and USDC have fallen to ~20%, with 6-month growth near zero, indicating weak new inflows. Bitcoin ETF and Strategy-driven inflows have also weakened, with a 30-day rolling net outflow. With inflation at 4.2% above the Fed's target, combined hawkish policy, seasonal factors, and liquidity shortages challenge Bitcoin's ability to hold above $60,000. However, this adjustment phase may be forming a cyclical low this summer, potentially setting the stage for the next bull cycle.

marsbit33 min fa

BIT Research: Liquidity is Disappearing, Will Bitcoin Replay the Bottoming Pattern of 2022?

marsbit33 min fa

Mining Companies' High-Stakes Bet on AI: Valuations Enter a Phase of Divergence, Uphill Battle Ahead

Crypto miners are facing increasing pressure amid weak digital asset markets, pushing many to pivot towards AI infrastructure as a new growth avenue. Leveraging existing assets like power resources, land, and cooling systems, miners can convert facilities for AI compute at lower costs. This transition narrative has fueled significant stock rallies, with some miners' shares outperforming Bitcoin year-to-date. Market valuations have diverged, with pioneers like CoreWeave reaching a multi-billion dollar valuation, while others lag. The shift is driven by AI's explosive demand for data centers and compute, with clients willing to pay premiums for power and space. However, the transformation is capital-intensive, requiring massive funding for GPU procurement and facility upgrades, with an estimated short-term funding gap of $50 billion. Miners are raising capital through convertible bonds, Bitcoin sales, and securing long-term AI contracts to finance the build-out. While AI offers greater long-term potential than mining, success hinges on execution, timely project delivery, and securing quality tenants, moving the valuation focus from power capacity to cash flow and return metrics.

marsbit1 h fa

Mining Companies' High-Stakes Bet on AI: Valuations Enter a Phase of Divergence, Uphill Battle Ahead

marsbit1 h fa

Who Makes the Best Use of Claude Code? The Answer Might Not Be Programmers

Claude Code Usage Report Summary (Based on ~400k sessions) Core Finding: In agentic programming with Claude Code, a clear division of labor has emerged: humans primarily decide *what* to build (planning decisions), while Claude decides *how* to build it (execution decisions). Key Insights: 1. **Effectiveness is not limited to programmers.** In code-generation tasks, success rates for users in non-technical fields (law, finance, management, research) are nearing those of software engineers. What matters most is the user's domain expertise and understanding of the problem to be solved. 2. **Domain expertise drives success and efficiency.** Sessions where users exhibited "expert" proficiency in the task's domain saw verified success rates double compared to "novice" sessions. Experts also delegated more work per instruction, with Claude executing more actions and producing more output. 3. **AI is amplifying, not replacing, domain knowledge.** Claude Code lowers the *implementation* barrier, not the *judgment* barrier. The value of knowing the "what" and "why" is increasing relative to just knowing the "how" to code. 4. **Usage is evolving.** Over a 7-month period (Oct '25 - Apr '26), the share of sessions for debugging halved, while use for software operations, data analysis, and non-code writing roughly doubled. The estimated economic value of typical tasks increased by ~25%. Conclusion: The data suggests coding agents are making programming background less critical for completing technical tasks. However, they reward and amplify deep domain understanding. The ability to successfully direct an AI agent stems more from mastery of a specific field than from coding skill itself. The primary gains come from being competent in a domain; deep specialization adds only marginal additional advantage. This may signal a shift where software creation becomes integrated into various professions.

marsbit1 h fa

Who Makes the Best Use of Claude Code? The Answer Might Not Be Programmers

marsbit1 h fa

Strategy's Preferred Stock STRC Unpegs by 11%, Can Its Perpetual Motion Machine Keep Spinning?

The preferred stock STRC issued by Strategy (MicroStrategy) has depegged over 11% from its $100 target par value, raising questions about the sustainability of the company's capital flywheel strategy. STRC, a perpetual preferred stock designed to trade around $100, serves as a key engine for Strategy's expansion, allowing it to raise fiat currency via at-the-market offerings to buy Bitcoin without diluting common shareholder equity. Its depegging, despite dividend rate hikes, suggests market concerns extend beyond yield to the core stability of Strategy's model. Analysts point to potential leveraged unwinding and, more critically, worries about Strategy's liquidity. While the company cites its massive Bitcoin holdings as covering decades of dividends, a recent small BTC sale—a first—has shaken confidence in its "never sell" narrative. If STRC remains discounted, impairing Strategy's fundraising ability, fears may grow that the company could be forced to sell Bitcoin to meet obligations, potentially turning a major market buyer into a seller and exerting significant downward pressure on Bitcoin's price.

marsbit1 h fa

Strategy's Preferred Stock STRC Unpegs by 11%, Can Its Perpetual Motion Machine Keep Spinning?

marsbit1 h fa

Trading

Spot

Futures

Articoli Popolari

Cosa è XAG

Il contratto perpetuo XAGUSDT è il simbolo di trading per l'argento quotato in dollari statunitensi, che rappresenta 1 oncia troy di argento.

4 Totale visualizzazioniPubblicato il 2026.06.18Aggiornato il 2026.06.18

Come comprare XAG

Benvenuto in HTX.com! Abbiamo reso l'acquisto di Silver (XAG) semplice e conveniente. Segui la nostra guida passo passo per intraprendere il tuo viaggio nel mondo delle criptovalute.Step 1: Crea il tuo Account HTXUsa la tua email o numero di telefono per registrarti il tuo account gratuito su HTX. Vivi un'esperienza facile e sblocca tutte le funzionalità,Crea il mio accountStep 2: Vai in Acquista crypto e seleziona il tuo metodo di pagamentoCarta di credito/debito: utilizza la tua Visa o Mastercard per acquistare immediatamente SilverXAG.Bilancio: Usa i fondi dal bilancio del tuo account HTX per fare trading senza problemi.Terze parti: abbiamo aggiunto metodi di pagamento molto utilizzati come Google Pay e Apple Pay per maggiore comodità.P2P: Fai trading direttamente con altri utenti HTX.Over-the-Counter (OTC): Offriamo servizi su misura e tassi di cambio competitivi per i trader.Step 3: Conserva Silver (XAG)Dopo aver acquistato Silver (XAG), conserva nel tuo account HTX. In alternativa, puoi inviare tramite trasferimento blockchain o scambiare per altre criptovalute.Step 4: Scambia Silver (XAG)Scambia facilmente Silver (XAG) nel mercato spot di HTX. Accedi al tuo account, seleziona la tua coppia di trading, esegui le tue operazioni e monitora in tempo reale. Offriamo un'esperienza user-friendly sia per chi ha appena iniziato che per i trader più esperti.

3 Totale visualizzazioniPubblicato il 2026.06.18Aggiornato il 2026.06.18

Come comprare XAU

Benvenuto in HTX.com! Abbiamo reso l'acquisto di Gold (XAU) semplice e conveniente. Segui la nostra guida passo passo per intraprendere il tuo viaggio nel mondo delle criptovalute.Step 1: Crea il tuo Account HTXUsa la tua email o numero di telefono per registrarti il tuo account gratuito su HTX. Vivi un'esperienza facile e sblocca tutte le funzionalità,Crea il mio accountStep 2: Vai in Acquista crypto e seleziona il tuo metodo di pagamentoCarta di credito/debito: utilizza la tua Visa o Mastercard per acquistare immediatamente GoldXAU.Bilancio: Usa i fondi dal bilancio del tuo account HTX per fare trading senza problemi.Terze parti: abbiamo aggiunto metodi di pagamento molto utilizzati come Google Pay e Apple Pay per maggiore comodità.P2P: Fai trading direttamente con altri utenti HTX.Over-the-Counter (OTC): Offriamo servizi su misura e tassi di cambio competitivi per i trader.Step 3: Conserva Gold (XAU)Dopo aver acquistato Gold (XAU), conserva nel tuo account HTX. In alternativa, puoi inviare tramite trasferimento blockchain o scambiare per altre criptovalute.Step 4: Scambia Gold (XAU)Scambia facilmente Gold (XAU) nel mercato spot di HTX. Accedi al tuo account, seleziona la tua coppia di trading, esegui le tue operazioni e monitora in tempo reale. Offriamo un'esperienza user-friendly sia per chi ha appena iniziato che per i trader più esperti.

7 Totale visualizzazioniPubblicato il 2026.06.18Aggiornato il 2026.06.18

Discussioni

Benvenuto nella Community HTX. Qui puoi rimanere informato sugli ultimi sviluppi della piattaforma e accedere ad approfondimenti esperti sul mercato. Le opinioni degli utenti sul prezzo di A A sono presentate come di seguito.