How a single copy-paste mistake cost a user $50M in USDt

cointelegraphPublicado em 2025-12-20Última atualização em 2025-12-20

Resumo

A user lost nearly $50 million in USDt in an address poisoning scam after mistakenly copying a malicious look-alike address from their transaction history. The scam works by attackers sending small transactions to a victim's wallet using addresses that closely resemble those of the victim's trusted contacts. In this case, the victim first sent a small test transaction to the correct address but then copied a fraudulent, similar-looking address for the full $50 million transfer. Onchain investigators noted the addresses shared the same first three and last four characters, a subtle similarity that can deceive even experienced users. The stolen funds were subsequently swapped for Ether and partially laundered through Tornado Cash. This incident highlights how such attacks exploit human error rather than technical vulnerabilities. The loss occurred amid a broader surge in crypto hacks, which reached $3.4 billion in losses in 2025.

A single transaction error led to one of the largest onchain losses seen this year, after a user mistakenly sent nearly $50 million in USDt to a scam address in a classic address poisoning attack.

According to onchain investigator Web3 Antivirus, the victim lost 49,999,950 USDt (USDT) after copying a malicious wallet address from their transaction history.

Address poisoning scams rely on look-alike wallet addresses being inserted into a victim’s transaction history via small transfers. When victims later copy an address from their transaction history, they may unknowingly select the scammer’s lookalike address instead of the intended recipient.

Onchain data shows the victim initially sent a small test transaction to the correct address. Minutes later, however, the full $50 million transfer was sent to the poisoned address.

User falls victim to address poisoning scam. Source: Web3 Antivirus

Related: Attacker takes over multisig minutes after creation, drains up to $40M slowly

Subtle address similarity enough to fool experienced users

Security researcher Cos, founder of SlowMist, noted the similarity between the addresses was subtle but enough to deceive even experienced users. “You can see the first 3 characters and last 4 characters are the same,” he wrote.

The victim’s wallet had been active for roughly two years and was primarily used for USDt transfers, according to onchain analysis. Shortly before the loss, the funds were withdrawn from Binance, suggesting the wallet was being actively managed at the time of the incident.

“This is the brutal reality of address poisoning, an attack that doesn’t rely on breaking systems, but on exploiting human habits,” another onchain analyst wrote.

The attacker has since swapped the stolen USDt for Ether (ETH), splitting it into multiple wallets, and partially moved it into Tornado Cash.

Related: Binance denies reports of delayed action over funds linked to Upbit hack

Crypto hacks hit $3.4 billion in 2025

As Cointelegraph reported, crypto-related hacks resulted in $3.4 billion in losses in 2025, marking the highest annual total since 2022. The surge was largely driven by a handful of massive breaches targeting major crypto entities rather than a broad rise in average attack size.

Just three incidents accounted for 69% of total losses this year, led by the $1.4 billion hack of crypto exchange Bybit, which alone made up nearly half of all stolen funds.

Magazine: 2026 is the year of pragmatic privacy in crypto — Canton, Zcash and more

Criptomoedas em alta

ctr
CitreaCTR
wstusdt
wrapped stUSDTWSTUSDT
apr
aPrioriAPR
ctx
Cryptex FinanceCTX
audio
AudiusAUDIO
comp
CompoundCOMP
mantra
MantraMANTRA
xvs
VenusXVS
waxl
AxelarWAXL
bill
Billions NetworkBILL
pyth
PYTH (Pyth)PYTH
rune
THORChainRUNE
velodrome
Velodrome FinanceVELODROME
brev
BrevisBREV
zrx
ZRX(0X)ZRX

Perguntas relacionadas

QWhat is an address poisoning scam and how did it lead to a $50 million loss?

AAn address poisoning scam is a type of attack where a scammer sends a small transaction to a victim's wallet using a look-alike address. The victim, when later copying an address from their transaction history, may accidentally select the scammer's fraudulent address instead of the legitimate one. In this case, the user mistakenly sent $50 million in USDt to the poisoned address.

QWhat detail did the security researcher from SlowMist point out about the fraudulent address?

AThe security researcher, Cos from SlowMist, noted that the similarity between the legitimate and the fraudulent address was very subtle. He pointed out that the first 3 characters and the last 4 characters of the two addresses were identical, which was enough to deceive even experienced users.

QWhat did the attacker do with the stolen USDt funds after the scam was successful?

AAfter successfully stealing the USDt, the attacker swapped the funds for Ether (ETH). They then split the ETH into multiple wallets and partially moved it into the privacy-focused mixing service, Tornado Cash.

QHow much was lost to crypto hacks in 2025 according to the article, and what was a major contributing factor?

AAccording to the article, crypto-related hacks resulted in $3.4 billion in losses in 2025. The surge was largely driven by a handful of massive breaches targeting major crypto entities, with just three incidents accounting for 69% of the total losses.

QWhat preliminary step did the victim take before sending the full $50 million, and why was it ineffective in preventing the loss?

AThe victim initially sent a small test transaction to the correct address. However, this was ineffective because the scammer's look-alike address was already in their transaction history from a previous, small 'poisoning' transfer. When the victim went to copy the address for the large transfer, they mistakenly selected the fraudulent one.

Leituras Relacionadas

Two Legends Lost in Three Days: Is Google's AI Talent Dam Cracking?

In three days, Google lost two AI legends. On June 18, Noam Shazeer, co-author of the seminal "Attention is All You Need" paper and Gemini co-lead, left for OpenAI. Just 48 hours later, John Jumper, 2024 Nobel laureate and AlphaFold lead, departed DeepMind for Anthropic. This follows Andrej Karpathy joining Anthropic in May. These moves highlight a structural trend: top AI talent is concentrating at mission-driven, pre-IPO firms like OpenAI and Anthropic, while Google becomes a primary source. The exodus stems from a core mission mismatch. Google's ad-centric model often subordinates AI research to product and revenue goals, creating friction for pioneers like Shazeer, who returned in 2024 only to leave again. In contrast, OpenAI and Anthropic offer singular focus on pushing AI boundaries, whether towards AGI or safety-aligned models, which deeply appeals to top researchers like Jumper. Financial incentives amplify the pull. With both OpenAI and Anthropic nearing IPO, employees stand to gain immensely from equity, an upside Google's mature stock cannot match. Furthermore, the 2023 merger of Google Brain and DeepMind, intended to consolidate strength, has instead created cultural tension and slowed the path from research to product, as evidenced by Gemini's pace. This talent redistribution is reshaping the AI landscape. While Google retains vast data and compute resources, its true crisis is the quiet, continuous loss of the people who define the field's future. The real moat in AI is not infrastructure, but the concentration of brilliant minds—a battle Google is currently losing.

marsbitHá 1h

Two Legends Lost in Three Days: Is Google's AI Talent Dam Cracking?

marsbitHá 1h

Behind the AI Report Card, Lies a Chinese 'Exam Setter'

Beyond the familiar performance charts like MMLU-Pro and MMMU, which major AI models strive to ace, stands a key "examiner": Chinese-Canadian researcher Wenhu Chen. An assistant professor at the University of Waterloo and founder of TIGERLab, Chen addresses the crucial need for more rigorous AI evaluation. As models like GPT-4 began scoring near-perfect results on older benchmarks like MMLU, it became difficult to distinguish their true capabilities. In response, Chen introduced MMLU-Pro in 2024, featuring harder, more reasoning-focused questions with more answer choices, successfully reintroducing meaningful performance gaps. His work extends to multi-modal evaluation with MMMU and its enhanced version, MMMU-Pro. These benchmarks test a model's ability to understand and reason with complex information from images, charts, and text across diverse academic subjects, exposing the significant challenges even top models face in genuine comprehension. Chen's background in complex QA, table reasoning, and his experience at Google DeepMind on projects like Gemini inform his approach. He understands that effective benchmarks must anticipate how models might "cheat" by memorizing data or avoiding visual analysis. His lab also actively researches video understanding and generation models (e.g., UniVideo, Vamba), ensuring his evaluation work is grounded in practical model-building challenges. Now at Meta's Super Intelligence Lab, Chen continues his focus on multi-modal data and evaluation, representing the deep yet often unseen contributions of Chinese talent in shaping the fundamental tools of the AI industry.

marsbitHá 1h

Behind the AI Report Card, Lies a Chinese 'Exam Setter'

marsbitHá 1h

Alliance Co-founder's Letter to Entrepreneurs: Written at the Moment Cursor Sold for $600 Billion

Alliance Co-founder's Letter to Entrepreneurs: On Cursor's $60 Billion Sale Many aspiring founders see massive exits like Cursor's $60B sale and wonder why they can't achieve the same, often concluding opportunities are exhausted. But great companies aren't built in obvious, crowded spaces. Cursor, like Stripe, Figma, and Shopify before it, started with a non-consensus belief about the future. Before ChatGPT, they believed AI would transform knowledge work. They focused on a genuinely exciting domain, became their own customer, and obsessed over power users. Their journey involved years of "glass-chewing" effort before the market was ready. The pattern is consistent: identify a long-term technological shift, find a missed entry point, and execute for years before the trend becomes obvious. First-generation products (PayPal, Adobe, Amazon) prove a market exists. Second-generation winners (Stripe, Figma, Shopify) rebuild that market around new insights, technology, or changing customer behaviors. Founders must identify their phase in the cycle. Early entrants like Coinbase or Cursor focus on making new technology usable for power users. Later entrants find the "yin" to the established "yang"—the blind spots incumbents miss as they grow distant from individual users. The key is deep market immersion. Use every product in your space. Talk to users. Build an audience. Stop looking for ideas and start *seeing* them everywhere. Then, choose one. The idea must offer a 10x improvement or solve a "hair-on-fire" pain point—something severe enough that users are already crafting workarounds. When building, avoid feature bloat. Ask: why would someone switch? Great startups rarely force new behaviors; they improve familiar workflows with drastically lower friction (e.g., Cursor forked VS Code instead of creating a new editor). Distribution is the underestimated moat. Before product-market fit, achieve distribution-market fit. How do customers discover new tools? Founders like those at Airbnb, Stripe, and Cursor did unscalable, manual work to recruit early users. The final, unteachable ingredient is resilience. Cursor built for years pre-market, faced rejection, and persisted. So did Airbnb, Nvidia, and Rain (which launched post-FTX collapse). The lesson isn't that these founders were smarter, but that they stayed in the game long enough for their insights to compound. Framework: Spot technological cycles. Cultivate unique insight. Obsess over your market. Talk to customers. Find a hair-on-fire problem. Build the simplest wedge. Win your distribution channel. Above all, don't quit when it gets hard. Most people won't do these things consistently. The few who do build the next generation of great companies. Go build.

marsbitHá 1h

Alliance Co-founder's Letter to Entrepreneurs: Written at the Moment Cursor Sold for $600 Billion

marsbitHá 1h

Weekly Editor's Picks (0613-0619)

Weekly Editor's Picks (0613-0619): Market Insights & Analysis This weekly digest curates in-depth analysis often lost in the information flow, focusing on key insights across macro trends, investment, and technology. **Macro & Geopolitics:** With the Strait of Hormuz reopening and military conflict shifting to negotiation, markets are pivoting from "war shock" to "supply restoration." Trades include shorting crude risk premiums, longing airlines/tourism, Asian energy importers, and bond duration, while shorting inflation expectations. LNG, fertilizer, and chemical chains are also being repriced. **Investment & VC:** Ray Dalio advises against betting on concentrated AI giants dominating indices, advocating for diversified portfolios of high-quality, low-correlation assets instead. Analysis covers the 4-year crypto cycle, predicting the core surviving product by 2029 will be asset trading markets. Current BTC metrics suggest a potential bottoming zone, presenting a patient accumulation window. SpaceX's high-profile IPO at a $2.1T valuation faces scrutiny over fundamentals, with key watchpoints being its likely inclusion in the Nasdaq index and Q2 earnings. Concerns are raised about potential "gamma squeeze" and systemic risks if its narrative-driven valuation gets amplified by passive index funds. Robinhood (HOOD) is noted for breaking its high correlation with crypto, bolstered by its stock trading and new underwriting business. **Web3 & AI:** A warning highlights ~$1.8T in off-balance-sheet AI infrastructure commitments (purchase commitments, leases) as a potential systemic risk if AI monetization lags. AI models are being used for World Cup predictions, adding a new layer for betting markets. A cost breakdown of a $20 AI subscription reveals the supply chain from model companies to cloud, GPUs, and power. **Prediction Markets:** The emergence of prediction market "concept stocks" is noted, with Robinhood developing its own platform, Rothera, signaling a shift from market competition to a "channel war" for user access. **CeFi & DeFi:** The SpaceX IPO tested perpetual contract mechanisms for pre-IPO assets, highlighting challenges in handling corporate actions like stock splits on-chain. The de-pegging of STRC (Strategy's preferred share) to ~$89 reflects market concerns over MicroStrategy's capital structure and BTC-backed leverage model. BlackRock's covered-call Bitcoin ETF (BITA) offers yield but caps upside, appealing to yield-seeking institutions. **Ethereum:** An opinion piece argues Ethereum's core strength is its vast developer community and composability, solidifying its role as the default operating system for the financial internet. **Weekly Hot Topics:** Include the US-Iran deal reopening the Strait of Hormuz, Fed's hawkish hold, Anthropic restricting model access, SpaceX acquiring Cursor, and a humorous stock surge for "Liuliumei" due to its "LLM" ticker.

marsbitHá 1h

Weekly Editor's Picks (0613-0619)

marsbitHá 1h

Alliance's Co-Founder's Letter to Entrepreneurs: Written on the Occasion of Cursor's $60 Billion Sale

In this letter to entrepreneurs, Alliance reflects on the success of Cursor's $60 billion sale to Elon Musk, using it as a case study to counter the misconception that opportunities in crowded fields like AI or crypto are exhausted. The piece argues that great companies like Cursor, Stripe, Figma, and Shopify are not built by geniuses with perfect ideas, but by founders who start with a non-consensus belief about the future and build for years before that future becomes obvious to everyone. They identify long-term shifts, find overlooked entry points, and execute relentlessly. The framework for success involves: 1. **Identifying your place in the technology cycle**: Early-stage opportunities focus on making new tech usable for power users (e.g., Coinbase, Cursor). Later-stage opportunities involve finding the "yin" to an existing "yang"—the blind spots of first-generation players (e.g., Stripe vs. PayPal, Figma vs. Adobe). 2. **Cultivating unique insights**: Immerse yourself deeply in the market. Use every product, talk to users, and build an audience. Insights will emerge naturally from deep engagement. 3. **Finding a "hair-on-fire" problem**: Look for a 10x improvement or a severe, urgent pain point. The strongest signal is people already building clumsy workarounds. 4. **Building a focused MVP**: Don't just add features because you can. Ask why users would abandon their current tool for yours. The best startups rarely force new behaviors; they improve familiar workflows with drastically lower friction. 5. **Winning a distribution channel**: Distribution is often the moat. Before product-market fit, achieve channel-market fit. Find where your customers are and build an engine to reach them, even through unscalable, manual efforts initially. 6. **Persistence**: The final, unteachable ingredient is resilience. Success stories like Cursor, Airbnb, and Nvidia involved years of grinding, rejection, and perseverance when the path forward seemed unclear. The conclusion is that there is no secret. Most people fail to consistently execute these steps over the long term. The few who do build the companies that define the next era. The world is yours to create.

链捕手Há 1h

Alliance's Co-Founder's Letter to Entrepreneurs: Written on the Occasion of Cursor's $60 Billion Sale

链捕手Há 1h

Trading

Spot
Futuros

Artigos em Destaque

O que é XAG

O Contrato Perpétuo XAGUSDT é o símbolo de negociação para prata cotada em dólares americanos, representando 1 onça troy de prata.

8 Visualizações TotaisPublicado em {updateTime}Atualizado em 2026.06.18

O que é XAG

Como comprar XAG

Bem-vindo à HTX.com!Tornámos a compra de Silver (XAG) simples e conveniente.Segue o nosso guia passo a passo para iniciar a tua jornada no mundo das criptos.Passo 1: cria a tua conta HTXUtiliza o teu e-mail ou número de telefone para te inscreveres numa conta gratuita na HTX.Desfruta de um processo de inscrição sem complicações e desbloqueia todas as funcionalidades.Obter a minha contaPasso 2: vai para Comprar Cripto e escolhe o teu método de pagamentoCartão de crédito/débito: usa o teu visa ou mastercard para comprar Silver (XAG) instantaneamente.Saldo: usa os fundos da tua conta HTX para transacionar sem problemas.Terceiros: adicionamos métodos de pagamento populares, como Google Pay e Apple Pay, para aumentar a conveniência.P2P: transaciona diretamente com outros utilizadores na HTX.Mercado de balcão (OTC): oferecemos serviços personalizados e taxas de câmbio competitivas para os traders.Passo 3: armazena teu Silver (XAG)Depois de comprar o teu Silver (XAG), armazena-o na tua conta HTX.Alternativamente, podes enviá-lo para outro lugar através de transferência blockchain ou usá-lo para transacionar outras criptomoedas.Passo 4: transaciona Silver (XAG)Transaciona facilmente Silver (XAG) no mercado à vista da HTX.Acede simplesmente à tua conta, seleciona o teu par de trading, executa as tuas transações e monitoriza em tempo real.Oferecemos uma experiência de fácil utilização tanto para principiantes como para traders experientes.

4 Visualizações TotaisPublicado em {updateTime}Atualizado em 2026.06.18

Como comprar XAG

Como comprar XAU

Bem-vindo à HTX.com!Tornámos a compra de Gold (XAU) simples e conveniente.Segue o nosso guia passo a passo para iniciar a tua jornada no mundo das criptos.Passo 1: cria a tua conta HTXUtiliza o teu e-mail ou número de telefone para te inscreveres numa conta gratuita na HTX.Desfruta de um processo de inscrição sem complicações e desbloqueia todas as funcionalidades.Obter a minha contaPasso 2: vai para Comprar Cripto e escolhe o teu método de pagamentoCartão de crédito/débito: usa o teu visa ou mastercard para comprar Gold (XAU) instantaneamente.Saldo: usa os fundos da tua conta HTX para transacionar sem problemas.Terceiros: adicionamos métodos de pagamento populares, como Google Pay e Apple Pay, para aumentar a conveniência.P2P: transaciona diretamente com outros utilizadores na HTX.Mercado de balcão (OTC): oferecemos serviços personalizados e taxas de câmbio competitivas para os traders.Passo 3: armazena teu Gold (XAU)Depois de comprar o teu Gold (XAU), armazena-o na tua conta HTX.Alternativamente, podes enviá-lo para outro lugar através de transferência blockchain ou usá-lo para transacionar outras criptomoedas.Passo 4: transaciona Gold (XAU)Transaciona facilmente Gold (XAU) no mercado à vista da HTX.Acede simplesmente à tua conta, seleciona o teu par de trading, executa as tuas transações e monitoriza em tempo real.Oferecemos uma experiência de fácil utilização tanto para principiantes como para traders experientes.

4 Visualizações TotaisPublicado em {updateTime}Atualizado em 2026.06.18

Como comprar XAU

Discussões

Bem-vindo à Comunidade HTX. Aqui, pode manter-se informado sobre os mais recentes desenvolvimentos da plataforma e obter acesso a análises profissionais de mercado. As opiniões dos utilizadores sobre o preço de A (A) são apresentadas abaixo.

活动图片

Categorias popularesright-arrow

Etiquetas Popularesright-arrow