How a single copy-paste mistake cost a user $50M in USDt

cointelegraphPublicado em 2025-12-20Última atualização em 2025-12-20

Resumo

A user lost nearly $50 million in USDt in an address poisoning scam after mistakenly copying a malicious look-alike address from their transaction history. The scam works by attackers sending small transactions to a victim's wallet using addresses that closely resemble those of the victim's trusted contacts. In this case, the victim first sent a small test transaction to the correct address but then copied a fraudulent, similar-looking address for the full $50 million transfer. Onchain investigators noted the addresses shared the same first three and last four characters, a subtle similarity that can deceive even experienced users. The stolen funds were subsequently swapped for Ether and partially laundered through Tornado Cash. This incident highlights how such attacks exploit human error rather than technical vulnerabilities. The loss occurred amid a broader surge in crypto hacks, which reached $3.4 billion in losses in 2025.

A single transaction error led to one of the largest onchain losses seen this year, after a user mistakenly sent nearly $50 million in USDt to a scam address in a classic address poisoning attack.

According to onchain investigator Web3 Antivirus, the victim lost 49,999,950 USDt (USDT) after copying a malicious wallet address from their transaction history.

Address poisoning scams rely on look-alike wallet addresses being inserted into a victim’s transaction history via small transfers. When victims later copy an address from their transaction history, they may unknowingly select the scammer’s lookalike address instead of the intended recipient.

Onchain data shows the victim initially sent a small test transaction to the correct address. Minutes later, however, the full $50 million transfer was sent to the poisoned address.

*User falls victim to address poisoning scam. Source:* *Web3 Antivirus*

Related: Attacker takes over multisig minutes after creation, drains up to $40M slowly

Subtle address similarity enough to fool experienced users

Security researcher Cos, founder of SlowMist, noted the similarity between the addresses was subtle but enough to deceive even experienced users. “You can see the first 3 characters and last 4 characters are the same,” he wrote.

The victim’s wallet had been active for roughly two years and was primarily used for USDt transfers, according to onchain analysis. Shortly before the loss, the funds were withdrawn from Binance, suggesting the wallet was being actively managed at the time of the incident.

“This is the brutal reality of address poisoning, an attack that doesn’t rely on breaking systems, but on exploiting human habits,” another onchain analyst wrote.

The attacker has since swapped the stolen USDt for Ether (ETH), splitting it into multiple wallets, and partially moved it into Tornado Cash.

Related: Binance denies reports of delayed action over funds linked to Upbit hack

Crypto hacks hit $3.4 billion in 2025

As Cointelegraph reported, crypto-related hacks resulted in $3.4 billion in losses in 2025, marking the highest annual total since 2022. The surge was largely driven by a handful of massive breaches targeting major crypto entities rather than a broad rise in average attack size.

Just three incidents accounted for 69% of total losses this year, led by the $1.4 billion hack of crypto exchange Bybit, which alone made up nearly half of all stolen funds.

Magazine: 2026 is the year of pragmatic privacy in crypto — Canton, Zcash and more

Perguntas relacionadas

QWhat is an address poisoning scam and how did it lead to a $50 million loss?

AAn address poisoning scam is a type of attack where a scammer sends a small transaction to a victim's wallet using a look-alike address. The victim, when later copying an address from their transaction history, may accidentally select the scammer's fraudulent address instead of the legitimate one. In this case, the user mistakenly sent $50 million in USDt to the poisoned address.

QWhat detail did the security researcher from SlowMist point out about the fraudulent address?

AThe security researcher, Cos from SlowMist, noted that the similarity between the legitimate and the fraudulent address was very subtle. He pointed out that the first 3 characters and the last 4 characters of the two addresses were identical, which was enough to deceive even experienced users.

QWhat did the attacker do with the stolen USDt funds after the scam was successful?

AAfter successfully stealing the USDt, the attacker swapped the funds for Ether (ETH). They then split the ETH into multiple wallets and partially moved it into the privacy-focused mixing service, Tornado Cash.

QHow much was lost to crypto hacks in 2025 according to the article, and what was a major contributing factor?

AAccording to the article, crypto-related hacks resulted in $3.4 billion in losses in 2025. The surge was largely driven by a handful of massive breaches targeting major crypto entities, with just three incidents accounting for 69% of the total losses.

QWhat preliminary step did the victim take before sending the full $50 million, and why was it ineffective in preventing the loss?

AThe victim initially sent a small test transaction to the correct address. However, this was ineffective because the scammer's look-alike address was already in their transaction history from a previous, small 'poisoning' transfer. When the victim went to copy the address for the large transfer, they mistakenly selected the fraudulent one.

Leituras Relacionadas

Is altseason finally brewing? Only if THESE 2 indicators flip first

Hopes for an altcoin season in 2026 are building as investors look beyond Bitcoin, but conditions for a full altcoin rally are not yet firmly in place. Two key indicators need to flip first. The latest ISM Manufacturing PMI reached 52.6%, its highest in nearly 40 months, pushing U.S. manufacturing into expansion territory. Historically, altcoin rallies followed periods when ISM moved decisively higher, particularly above the 55 mark, as seen in 2017 and 2021. While current levels are below that threshold, a potential turning point may be emerging. However, Ethereum (ETH), a known harbinger of altseason, has closed in the red for 12 of the last 15 months, showing a prolonged stretch of weakness with uneven gains and frequent drawdowns. Sustained altseasons have almost always followed a clear and consistent uptrend in Ethereum. Furthermore, the Altcoin Season Index from CoinGlass was at 39, below the level that usually indicates a rotation away from Bitcoin. At the same time, Bitcoin dominance (BTC.D) remained high near 60% on the daily chart. Altseasons typically begin with a clear decline in BTC dominance as investors move down the risk curve, a shift that has not yet occurred. Overall, while altseason expectations are growing, they may be premature. Early macro signals are improving, but the market lacks a trigger for a true altseason, and capital remains firmly in Bitcoin.

ambcryptoHá 1m

Is altseason finally brewing? Only if THESE 2 indicators flip first

ambcryptoHá 1m

Analysts Tip Maxi Doge at $0.00028 As Best Crypto to Buy Now

Analysts are highlighting Maxi Doge ($MAXI) as a top cryptocurrency to buy now, currently priced at $0.0002801 in its presale which has already raised over $4.5 million. Unlike typical meme coins, it targets the high-leverage trading subculture with a "gym-bro" aesthetic and tangible utility. Key features include aggressive staking incentives with high APYs, a dedicated treasury (25% of supply) for marketing and liquidity, and plans for gamified trading contests. The project's smart contracts are audited by SolidProof and Coinsult, ensuring security. With a rising price model and upcoming DEX/CEX listings, the window to buy at the current price is closing.

bitcoinistHá 2m

Analysts Tip Maxi Doge at $0.00028 As Best Crypto to Buy Now

bitcoinistHá 2m

Why Investors Rank Maxi Doge Among the Best Meme Coins to Buy During This Market Shakeout

Amidst a volatile 2026 crypto market, investors are rotating capital into high-alpha presale opportunities as a buffer against open market swings. Maxi Doge (MAXI) is emerging as a top meme coin, blending "gym-bro" culture with tangible utility. It has raised over $4.5 million, leveraging a "presale shield" that protects early investors from market volatility. Unlike typical meme coins, MAXI offers a multi-layered ecosystem: a treasury fund (25% of supply), gamified trading competitions with USDT and MAXI rewards, and Ethereum-based security with an audited contract. On-chain data shows significant purchases, including one over $314,000, and a 68% staking APY attracts yield seekers. With the presale price set to rise soon, MAXI is positioned as a high-potential asset for recovery-focused traders.

bitcoinistHá 11m

Why Investors Rank Maxi Doge Among the Best Meme Coins to Buy During This Market Shakeout

bitcoinistHá 11m

Actually, the Crypto Winter Began in January 2025

The crypto winter began in January 2025, though many only recently acknowledged it. Bitcoin and Ethereum have fallen 39% and 53% from their October 2025 peaks, with steeper declines for other assets. This is a full bear market, not a correction, driven by over-leverage and profit-taking. Positive developments like regulatory progress and institutional adoption have been ignored amid the downturn, typical of crypto winters where good news fails to lift prices. Historically, crypto winters last around 13 months. However, this one may be closer to ending than it appears, as it effectively started in January 2025. ETF and digital asset trust (DAT) inflows masked the reality for some assets. Bitcoin, Ethereum, and XRP saw milder declines (10–20%) due to institutional support, while assets like ADA, AVAX, SUI, and DOT fell 62–75% without such backing. Without $75 billion in ETF/DAT buying, Bitcoin’s drop would have been closer to 60%. The retail crypto market has been in winter since January 2025. Despite the gloom, fundamental strengths remain: regulatory clarity, institutional adoption, stablecoins, tokenization, and Wall Street embrace. These positive factors are stored energy that will fuel the next rally when sentiment shifts. Triggers could include strong economic growth, pro-crypto regulatory surprises, sovereign adoption of Bitcoin, or simply time. As with past winters, the end feels near—despair and frustration are common precursors to recovery. Spring is likely coming soon.

marsbitHá 24m

Actually, the Crypto Winter Began in January 2025

marsbitHá 24m

Epstein's Early Crypto Investments Resurface, Tether Launches Bitcoin Mining OS: What's the Overseas Crypto Community Talking About Today?

In the past 24 hours, the crypto market evolved across multiple fronts. Key discussions centered on structural changes in stablecoins and trading infrastructure, alongside governance and risk debates around exchanges and market-making mechanisms. Mainstream topics included newly disclosed files showing Epstein’s early investments in Coinbase and Blockstream, sparking community debates on Bitcoin’s reputation and decentralization. Several blockchains, including Solana and Monad, launched AI-focused hackathons to advance agent-based trading and automation. Binance’s CZ responded to FUD with selective clarifications, drawing mixed reactions. Tether released MOS, an open-source Bitcoin mining OS aimed at improving efficiency and hardware compatibility. Ecosystem-wise, Solana set new records in daily active transactions, signaling a strong recovery in utility and adoption. Ethereum explored cross-rollup atomic composability to improve interoperability between L2s. Perp DEX Hyperliquid introduced CLI tools for AI-agent trading, advancing automated infrastructure. Other notable updates: stablecoin monthly trading volume surpassed $10 trillion, highlighting growing adoption. Wintermute’s founder criticized internal market makers at some exchanges, raising concerns over liquidity and risk management. Overall, sentiment is cautiously optimistic, with emphasis on infrastructure maturity, AI integration, and the need for robust, decentralized solutions.

marsbitHá 25m

Epstein's Early Crypto Investments Resurface, Tether Launches Bitcoin Mining OS: What's the Overseas Crypto Community Talking About Today?

marsbitHá 25m

Trading

Spot

Futuros

Artigos em Destaque

Como comprar BIRB

Bem-vindo à HTX.com!Tornámos a compra de Moonbirds (BIRB) simples e conveniente.Segue o nosso guia passo a passo para iniciar a tua jornada no mundo das criptos.Passo 1: cria a tua conta HTXUtiliza o teu e-mail ou número de telefone para te inscreveres numa conta gratuita na HTX.Desfruta de um processo de inscrição sem complicações e desbloqueia todas as funcionalidades.Obter a minha contaPasso 2: vai para Comprar Cripto e escolhe o teu método de pagamentoCartão de crédito/débito: usa o teu visa ou mastercard para comprar Moonbirds (BIRB) instantaneamente.Saldo: usa os fundos da tua conta HTX para transacionar sem problemas.Terceiros: adicionamos métodos de pagamento populares, como Google Pay e Apple Pay, para aumentar a conveniência.P2P: transaciona diretamente com outros utilizadores na HTX.Mercado de balcão (OTC): oferecemos serviços personalizados e taxas de câmbio competitivas para os traders.Passo 3: armazena teu Moonbirds (BIRB)Depois de comprar o teu Moonbirds (BIRB), armazena-o na tua conta HTX.Alternativamente, podes enviá-lo para outro lugar através de transferência blockchain ou usá-lo para transacionar outras criptomoedas.Passo 4: transaciona Moonbirds (BIRB)Transaciona facilmente Moonbirds (BIRB) no mercado à vista da HTX.Acede simplesmente à tua conta, seleciona o teu par de trading, executa as tuas transações e monitoriza em tempo real.Oferecemos uma experiência de fácil utilização tanto para principiantes como para traders experientes.

132 Visualizações TotaisPublicado em {updateTime}Atualizado em 2026.01.28

Como comprar USDE

Bem-vindo à HTX.com!Tornámos a compra de USDE (USDE) simples e conveniente.Segue o nosso guia passo a passo para iniciar a tua jornada no mundo das criptos.Passo 1: cria a tua conta HTXUtiliza o teu e-mail ou número de telefone para te inscreveres numa conta gratuita na HTX.Desfruta de um processo de inscrição sem complicações e desbloqueia todas as funcionalidades.Obter a minha contaPasso 2: vai para Comprar Cripto e escolhe o teu método de pagamentoCartão de crédito/débito: usa o teu visa ou mastercard para comprar USDE (USDE) instantaneamente.Saldo: usa os fundos da tua conta HTX para transacionar sem problemas.Terceiros: adicionamos métodos de pagamento populares, como Google Pay e Apple Pay, para aumentar a conveniência.P2P: transaciona diretamente com outros utilizadores na HTX.Mercado de balcão (OTC): oferecemos serviços personalizados e taxas de câmbio competitivas para os traders.Passo 3: armazena teu USDE (USDE)Depois de comprar o teu USDE (USDE), armazena-o na tua conta HTX.Alternativamente, podes enviá-lo para outro lugar através de transferência blockchain ou usá-lo para transacionar outras criptomoedas.Passo 4: transaciona USDE (USDE)Transaciona facilmente USDE (USDE) no mercado à vista da HTX.Acede simplesmente à tua conta, seleciona o teu par de trading, executa as tuas transações e monitoriza em tempo real.Oferecemos uma experiência de fácil utilização tanto para principiantes como para traders experientes.

90 Visualizações TotaisPublicado em {updateTime}Atualizado em 2026.01.29

O que é INX

I. Introdução ao ProjetoInfinex é uma nova aplicação de criptomoeda lançada pela Synthetix, que oferece acesso a vários protocolos, serviços e aplicações em cadeia, permitindo aos utilizadores alternar sem esforço entre diferentes protocolos e cadeias DeFi numa interface unificada.II. Informações Básicas sobre o TokenSímbolo do token: INX (Infinex)III. Links RelevantesWebsite: https://infinex.xyz/Link do bloco: https://etherscan.io/token/0xdef1b2d939edc0e4d35806c59b3166f790175afeMídias sociais: https://x.com/infinexAtenção: A descrição do projeto é baseada nas informações publicadas ou fornecidas pela equipa oficial do projeto, podendo conter informações desatualizadas, incorretas ou omissões. O conteúdo relacionado é apenas para referência e não constitui aconselhamento de investimento. A HTX não se responsabiliza por quaisquer perdas diretas ou indiretas resultantes da dependência dessas informações.

80 Visualizações TotaisPublicado em {updateTime}Atualizado em 2026.01.30

Discussões

Bem-vindo à Comunidade HTX. Aqui, pode manter-se informado sobre os mais recentes desenvolvimentos da plataforma e obter acesso a análises profissionais de mercado. As opiniões dos utilizadores sobre o preço de A (A) são apresentadas abaixo.