Is Ethereum’s activity growth fake? Behind the 3.86mln poisoned wallets

ambcryptoPublished on 2026-01-20Last updated on 2026-01-20

Abstract

Ethereum's recent surge in network activity, including a 170% increase in new addresses and record-high transactions, is largely artificial and driven by a large-scale address poisoning attack. Security researcher Andrey Sergeenkov found that around 80% of this growth came from stablecoin transactions, with 3.86 million out of 5.78 million new addresses receiving initial transfers of less than $1. These "dust" payments are used by attackers who mimic victim wallet addresses to trick users into sending funds to fraudulent accounts. The Fusaka upgrade, which reduced ERC-20 transfer fees by nearly six times, made such attacks profitable by enabling mass spam transactions. Despite a low success rate, one victim lost $509,000, highlighting the risks behind these inflated metrics.

Ethereum [ETH] just posted some of its busiest network metrics on record, but all that glitters isn’t gold. According to security researcher Andrey Sergeenkov, much of this activity is caused by a large-scale address poisoning attack!

What you should know

On the surface, the data is impressive.

New Ethereum addresses went 2.7x above the 2025 average.

Peak was around the 12th of January, with 2.7 million new addresses; 170% increase over normal levels. At the same time, weekly transactions went up 63%, going from 10.5 million to a record 17.1 million.

But when Sergeenkov dug deeper, he reported that around 80% of this growth was driven by stablecoins, mainly USDT and USDC.

What’s interesting is that stablecoins are often used in automated activity. So, in this case, the numbers were unusually skewed.

Looking at first-time stablecoin transactions, the pattern became clear. 67% of new addresses received less than $1 as their very first transfer. In total, 3.86 million out of 5.78 million addresses received these tiny “dust” payments.

This is obvious address poisoning.

But what is that?

Attackers send tiny amounts of tokens to wallets using addresses that closely resemble a victim’s real one. When users later copy an address from their transaction history without checking it carefully, they end up sending funds to the attacker.

Sergeenkov identified the main culprits by tracking USDT and USDC transfers under $1 between the 15th of December and 18th of January 2026. He filtered for senders that distributed dust to at least 10,000 unique addresses, and uncovered several large-scale operators.

The top three contracts alone sent dust to more than 1.6 million addresses. One distributed dust to 690,000 wallets, another to 589,000, and a third to 405,000.

How Fusaka changed things

Address poisoning wasn’t always worth the effort. The success rate is extremely low (about 0.01%) so attackers depend on a few big mistakes to make money. In this case, one victim alone lost $509,000, making up most of the funds stolen so far.

That changed in December.

Ethereum’s Fusaka upgrade cut average ERC-20 transfer fees by nearly 6x, making it cheap to send millions of spam transactions.

Almost overnight, large-scale poisoning became profitable.

New contracts have appeared in recent days, with one already sending dust to 78,000 addresses. All major attacker contracts are active, and the biggest losses often happen toward the end.

Final Thoughts

  • Ethereum’s record growth is being inflated by address poisoning.
  • The Fusaka upgrade cut fees 6×, making it a profitable attack.

Related Questions

QWhat is address poisoning in the context of Ethereum, and how does it work?

AAddress poisoning is an attack where scammers send tiny amounts of tokens (dust) to wallets using addresses that closely resemble a victim's real one. When users later copy an address from their transaction history without carefully checking it, they may accidentally send funds to the attacker's address.

QAccording to the researcher, what percentage of Ethereum's recent new address growth was driven by stablecoins?

AAccording to security researcher Andrey Sergeenkov, around 80% of the recent growth in new Ethereum addresses was driven by stablecoins, mainly USDT and USDC.

QHow did the Fusaka upgrade on Ethereum make address poisoning attacks more profitable?

AEthereum's Fusaka upgrade cut the average ERC-20 transfer fees by nearly 6 times, making it significantly cheaper for attackers to send millions of spam transactions, thus making large-scale address poisoning a profitable endeavor.

QHow many 'dust' payments were sent to new addresses during the attack period mentioned in the article?

AA total of 3.86 million out of 5.78 million new addresses received tiny 'dust' payments of less than $1 as their first transfer.

QWhat was the estimated success rate of the address poisoning attack, and what was a significant loss mentioned?

AThe success rate of the address poisoning attack is extremely low, estimated at about 0.01%. However, one victim alone lost $509,000, which made up most of the stolen funds mentioned in the report.

Related Reads

Chris Jericho to Join and Co-Create Official Community Traits for Kokopi Koalas™ NFT Collection

Pro wrestling legend and collector Chris Jericho is officially partnering with the Kokopi Koalas NFT project on Solana. As part of the collaboration, Jericho will host live community events where holders can submit ideas for official "Chris Jericho Traits." He will personally select the winning designs, which will then become available for purchase in the project's Trait Store. This store allows NFT holders to continuously customize and evolve their Koala NFTs by acquiring and swapping traits. Holders of these official traits will also gain access to exclusive, limited-edition real-world merchandise like apparel and posters at a discount. The partnership aims to deepen community engagement, with Jericho also providing VIP access to token holders through Discord and X.com. The Kokopi Koalas mint is scheduled for June 11. The project emphasizes ongoing customization through future trait releases, including upcoming soccer-themed traits for the World Cup.

TheNewsCrypto14m ago

Chris Jericho to Join and Co-Create Official Community Traits for Kokopi Koalas™ NFT Collection

TheNewsCrypto14m ago

50% Of All Bitcoin In Circulation Are Now Sitting On Major Losses, Is This A Bottom Signal?

Bitcoin is potentially flashing a key contrarian signal as over 10.46 million BTC, roughly half of its circulating supply, is now held at a loss. This metric, highlighted by analyst Ali Martinez using Glassnode data, has historically coincided with major market turning points. The significant increase in underwater supply, alongside Bitcoin's price decline of over 40% from its highs to around $63,242, suggests heightened investor stress. Martinez notes that such elevated loss holdings can reduce selling pressure as holders are less incentivized to realize losses. Supporting this, the Net Unrealized Profit/Loss (NUPL) indicator has entered the "Hope-Fear" zone, reflecting shaken confidence. While a definitive bottom is unconfirmed, the scale of unrealized losses places Bitcoin in a historical accumulation zone, raising debate on whether the current decline is nearing its end.

bitcoinist37m ago

50% Of All Bitcoin In Circulation Are Now Sitting On Major Losses, Is This A Bottom Signal?

bitcoinist37m ago

Strategy Sold Bitcoin, Now Metaplanet Is Down 47% — Who Sells Next?

Japan's Metaplanet, a major corporate Bitcoin holder, is considering a share buyback program to boost its Bitcoin-per-share ratio. This decision is triggered because its market value has fallen below the value of its Bitcoin holdings (mNAV ratio of 0.90). CEO Simon Gerovich stated the company's primary goal is maximizing "BTC Yield." Buying back shares at this discount is mathematically equivalent to acquiring Bitcoin below market price, increasing the BTC per share for remaining shareholders without buying new coins. Metaplanet holds roughly 40,177 BTC and aims to hold 210,000 by 2027. Its stock is down 47% year-to-date, a decline that, under its own policy, creates an opportunity for value-accretive repurchases.

bitcoinist2h ago

Strategy Sold Bitcoin, Now Metaplanet Is Down 47% — Who Sells Next?

bitcoinist2h ago

Dialogue with a Macro Analyst: AI Drains All Liquidity from U.S. Stocks, $40K Bitcoin is the True Bottom

In a recent discussion, macro strategist Luke Groman, founder of FFT LC, presented a sobering analysis of current markets. He argues that while the S&P 500 hits new highs, this is largely driven by just seven AI stocks, which are "sucking all the oxygen and liquidity out of the room." Bitcoin, which he calls the "last working smoke alarm for liquidity," is signaling trouble, having entered a difficult period. Groman explains that the AI boom is fueled by accounting practices that front-load revenue, creating an illusion of high profits while cash is being depleted. He warns this cycle could reverse sharply when construction slows. His base case is that stocks will rise in dollar terms but fall significantly when measured in gold or Bitcoin, highlighting that long-term US Treasury futures have already lost 90% of their value against gold over the past decade. He points to major structural risks, including China's dominance in rare earths—a small commodity market underpinning trillions in tech stock value—and the prolonged closure of the Strait of Hormuz, which he calls a "Suez Moment" for the US. This, combined with a shift towards a "no ticky, no washy" proof-of-work system for settling trade (using gold, not trust), signals deeper systemic distrust. Regarding US debt, Groman notes that historically, all 58 countries that reached a 130% debt-to-GDP ratio defaulted, primarily through inflation. The US crossed this threshold in 2020. He also highlights a contradiction in the AI narrative: if it's as transformative as claimed, it must destroy white-collar jobs, threatening half of US tax revenue—a reality at odds with the "no job loss" messaging from tech leaders. On Bitcoin, Groman sold most of his position near the top and hasn't fully re-entered. Citing technical analysis from Northstar Bad Charts, he suggests a potential bottom around $40,000 could materialize in Q3 or Q4. He concludes that while he may be labeled a doomsayer, his view is simply realistic, grounded in historical precedents and current macro pressures.

marsbit3h ago

Dialogue with a Macro Analyst: AI Drains All Liquidity from U.S. Stocks, $40K Bitcoin is the True Bottom

marsbit3h ago

Broadcom vs AMD: Which is the Most Promising AI Chip Stock to Bet on After Nvidia?

Amidst Nvidia's dominance in the AI chip market, Broadcom and AMD are key contenders for the second-place spot. AMD competes directly in general-purpose GPUs, gaining some traction with clients like Meta but facing significant challenges overcoming Nvidia's entrenched CUDA software ecosystem. In contrast, Broadcom pursues a differentiated strategy by designing custom XPU chips tailored to specific AI workloads for major clients like Anthropic, Google, Meta, and OpenAI. This approach offers efficiency advantages and greater customer stickiness, particularly as AI compute shifts from training to inference. Despite a recent stock sell-off following a Q2 revenue guidance miss, Broadcom's CEO reaffirmed the long-term target of $100 billion in annual AI chip revenue by fiscal 2027. With Q2 AI revenue at $10.8 billion, significant growth potential remains as its custom chip projects ramp up. While Broadcom trades at a higher valuation multiple than AMD, analysts argue this premium is justified given its superior competitive positioning and expected faster growth trajectory, making it the more compelling investment choice following its recent pullback.

marsbit3h ago

Broadcom vs AMD: Which is the Most Promising AI Chip Stock to Bet on After Nvidia?

marsbit3h ago

Trading

Spot
Futures

Hot Articles

Discussions

Welcome to the HTX Community. Here, you can stay informed about the latest platform developments and gain access to professional market insights. Users' opinions on the price of S (S) are presented below.

活动图片

Top Questions

Hot Categoriesright-arrow

Hot Tagsright-arrow