How a single copy-paste mistake cost a user $50M in USDt

cointelegraphPublicado em 2025-12-20Última atualização em 2025-12-20

Resumo

A user lost nearly $50 million in USDt in an address poisoning scam after mistakenly copying a malicious look-alike address from their transaction history. The scam works by attackers sending small transactions to a victim's wallet using addresses that closely resemble those of the victim's trusted contacts. In this case, the victim first sent a small test transaction to the correct address but then copied a fraudulent, similar-looking address for the full $50 million transfer. Onchain investigators noted the addresses shared the same first three and last four characters, a subtle similarity that can deceive even experienced users. The stolen funds were subsequently swapped for Ether and partially laundered through Tornado Cash. This incident highlights how such attacks exploit human error rather than technical vulnerabilities. The loss occurred amid a broader surge in crypto hacks, which reached $3.4 billion in losses in 2025.

A single transaction error led to one of the largest onchain losses seen this year, after a user mistakenly sent nearly $50 million in USDt to a scam address in a classic address poisoning attack.

According to onchain investigator Web3 Antivirus, the victim lost 49,999,950 USDt (USDT) after copying a malicious wallet address from their transaction history.

Address poisoning scams rely on look-alike wallet addresses being inserted into a victim’s transaction history via small transfers. When victims later copy an address from their transaction history, they may unknowingly select the scammer’s lookalike address instead of the intended recipient.

Onchain data shows the victim initially sent a small test transaction to the correct address. Minutes later, however, the full $50 million transfer was sent to the poisoned address.

User falls victim to address poisoning scam. Source: Web3 Antivirus

Related: Attacker takes over multisig minutes after creation, drains up to $40M slowly

Subtle address similarity enough to fool experienced users

Security researcher Cos, founder of SlowMist, noted the similarity between the addresses was subtle but enough to deceive even experienced users. “You can see the first 3 characters and last 4 characters are the same,” he wrote.

The victim’s wallet had been active for roughly two years and was primarily used for USDt transfers, according to onchain analysis. Shortly before the loss, the funds were withdrawn from Binance, suggesting the wallet was being actively managed at the time of the incident.

“This is the brutal reality of address poisoning, an attack that doesn’t rely on breaking systems, but on exploiting human habits,” another onchain analyst wrote.

The attacker has since swapped the stolen USDt for Ether (ETH), splitting it into multiple wallets, and partially moved it into Tornado Cash.

Related: Binance denies reports of delayed action over funds linked to Upbit hack

Crypto hacks hit $3.4 billion in 2025

As Cointelegraph reported, crypto-related hacks resulted in $3.4 billion in losses in 2025, marking the highest annual total since 2022. The surge was largely driven by a handful of massive breaches targeting major crypto entities rather than a broad rise in average attack size.

Just three incidents accounted for 69% of total losses this year, led by the $1.4 billion hack of crypto exchange Bybit, which alone made up nearly half of all stolen funds.

Magazine: 2026 is the year of pragmatic privacy in crypto — Canton, Zcash and more

Criptomoedas em alta

ctr
CitreaCTR
wstusdt
wrapped stUSDTWSTUSDT
apr
aPrioriAPR
ctx
Cryptex FinanceCTX
audio
AudiusAUDIO
comp
CompoundCOMP
mantra
MantraMANTRA
xvs
VenusXVS
waxl
AxelarWAXL
bill
Billions NetworkBILL
pyth
PYTH (Pyth)PYTH
rune
THORChainRUNE
velodrome
Velodrome FinanceVELODROME
brev
BrevisBREV
zrx
ZRX(0X)ZRX

Perguntas relacionadas

QWhat is an address poisoning scam and how did it lead to a $50 million loss?

AAn address poisoning scam is a type of attack where a scammer sends a small transaction to a victim's wallet using a look-alike address. The victim, when later copying an address from their transaction history, may accidentally select the scammer's fraudulent address instead of the legitimate one. In this case, the user mistakenly sent $50 million in USDt to the poisoned address.

QWhat detail did the security researcher from SlowMist point out about the fraudulent address?

AThe security researcher, Cos from SlowMist, noted that the similarity between the legitimate and the fraudulent address was very subtle. He pointed out that the first 3 characters and the last 4 characters of the two addresses were identical, which was enough to deceive even experienced users.

QWhat did the attacker do with the stolen USDt funds after the scam was successful?

AAfter successfully stealing the USDt, the attacker swapped the funds for Ether (ETH). They then split the ETH into multiple wallets and partially moved it into the privacy-focused mixing service, Tornado Cash.

QHow much was lost to crypto hacks in 2025 according to the article, and what was a major contributing factor?

AAccording to the article, crypto-related hacks resulted in $3.4 billion in losses in 2025. The surge was largely driven by a handful of massive breaches targeting major crypto entities, with just three incidents accounting for 69% of the total losses.

QWhat preliminary step did the victim take before sending the full $50 million, and why was it ineffective in preventing the loss?

AThe victim initially sent a small test transaction to the correct address. However, this was ineffective because the scammer's look-alike address was already in their transaction history from a previous, small 'poisoning' transfer. When the victim went to copy the address for the large transfer, they mistakenly selected the fraudulent one.

Leituras Relacionadas

Analysis of the Latest Portfolio Adjustment by the "Top Player" in the U.S. Stock Market: $9 Billion Short on NVIDIA, Shifting Focus to Power and Memory Sectors

AI investor Leopold Aschenbrenner has made a significant portfolio shift, taking a $9 billion nominal short position against top AI infrastructure stocks like NVIDIA, ASML, and Oracle. Simultaneously, he is redirecting capital towards what he sees as the next critical bottlenecks in the AI boom: power, memory, and data center networking, alongside private investments in AI model companies like Anthropic. This move is interpreted not as a call that the AI bubble has burst, but as a rotation within the infrastructure stack. The analysis highlights NVIDIA's recent $25 billion bond issuance as a potential signal, questioning why a cash-rich company would seek external debt despite high profits and increased dividends/buybacks. The core investment thesis is that the initial, crowded "picks and shovels" trade in semiconductors is maturing. The next wave of capital is expected to flow into the physical and logistical constraints of AI expansion: electricity supply, memory chip capacity, data center construction, and enabling technologies like optical networking (fiber) for high-bandwidth communication, where copper remains crucial for short distances. Aschenbrenner's substantial (approx. 20% of fund) private stake in Anthropic is noted as a key part of his strategy—investing directly in the "mine" (AI models) rather than just the "shovels." The discussion concludes that while certain segments may be overvalued, the overarching AI infrastructure demand driven by real product usage remains robust. The most promising long-term investments are seen in essential, non-sexy infrastructure—particularly energy and power companies—whose demand is viewed as a global constant irrespective of AI's cyclicality.

marsbitHá 24m

Analysis of the Latest Portfolio Adjustment by the "Top Player" in the U.S. Stock Market: $9 Billion Short on NVIDIA, Shifting Focus to Power and Memory Sectors

marsbitHá 24m

BIT Research: Liquidity is Disappearing, Will Bitcoin Replay the Bottoming Pattern of 2022?

The crypto market is currently in an adjustment phase driven by policy expectations and liquidity shifts. Despite a brief rebound fueled by geopolitical easing and SpaceX's strong IPO performance, unexpectedly hawkish signals from new Fed Chair Kevin Warsh have removed anticipated easing support. Concurrently, stablecoin liquidity is shrinking, with insufficient new capital inflows, pushing the market into a typically quiet summer period. Pricing lacks catalysts for a sustained rally. Daily trading volume has significantly contracted, stablecoin growth has slowed markedly, and the supportive effect of Strategy's (formerly MicroStrategy) STRC preferred stock-financed Bitcoin purchases is fading. Amid policy uncertainty, seasonal weakness, and liquidity contraction, Bitcoin faces near-term downward pressure. Warsh's hawkish pivot and refusal to provide a clear policy outlook have increased risk premiums, historically unfavorable for Bitcoin. Technically, the trend remains bearish below $73,700, with $62,446 as critical support. A break below could accelerate declines, though a prolonged consolidation phase, similar to 2022's bottoming process, is possible. Liquidity is a core constraint. Current daily volume is around $500 billion, roughly 25% of the peak during the July-Oct 2025 rally. The 12-month growth rates for USDT and USDC have fallen to ~20%, with 6-month growth near zero, indicating weak new inflows. Bitcoin ETF and Strategy-driven inflows have also weakened, with a 30-day rolling net outflow. With inflation at 4.2% above the Fed's target, combined hawkish policy, seasonal factors, and liquidity shortages challenge Bitcoin's ability to hold above $60,000. However, this adjustment phase may be forming a cyclical low this summer, potentially setting the stage for the next bull cycle.

marsbitHá 52m

BIT Research: Liquidity is Disappearing, Will Bitcoin Replay the Bottoming Pattern of 2022?

marsbitHá 52m

Mining Companies' High-Stakes Bet on AI: Valuations Enter a Phase of Divergence, Uphill Battle Ahead

Crypto miners are facing increasing pressure amid weak digital asset markets, pushing many to pivot towards AI infrastructure as a new growth avenue. Leveraging existing assets like power resources, land, and cooling systems, miners can convert facilities for AI compute at lower costs. This transition narrative has fueled significant stock rallies, with some miners' shares outperforming Bitcoin year-to-date. Market valuations have diverged, with pioneers like CoreWeave reaching a multi-billion dollar valuation, while others lag. The shift is driven by AI's explosive demand for data centers and compute, with clients willing to pay premiums for power and space. However, the transformation is capital-intensive, requiring massive funding for GPU procurement and facility upgrades, with an estimated short-term funding gap of $50 billion. Miners are raising capital through convertible bonds, Bitcoin sales, and securing long-term AI contracts to finance the build-out. While AI offers greater long-term potential than mining, success hinges on execution, timely project delivery, and securing quality tenants, moving the valuation focus from power capacity to cash flow and return metrics.

marsbitHá 1h

Mining Companies' High-Stakes Bet on AI: Valuations Enter a Phase of Divergence, Uphill Battle Ahead

marsbitHá 1h

Who Makes the Best Use of Claude Code? The Answer Might Not Be Programmers

Claude Code Usage Report Summary (Based on ~400k sessions) Core Finding: In agentic programming with Claude Code, a clear division of labor has emerged: humans primarily decide *what* to build (planning decisions), while Claude decides *how* to build it (execution decisions). Key Insights: 1. **Effectiveness is not limited to programmers.** In code-generation tasks, success rates for users in non-technical fields (law, finance, management, research) are nearing those of software engineers. What matters most is the user's domain expertise and understanding of the problem to be solved. 2. **Domain expertise drives success and efficiency.** Sessions where users exhibited "expert" proficiency in the task's domain saw verified success rates double compared to "novice" sessions. Experts also delegated more work per instruction, with Claude executing more actions and producing more output. 3. **AI is amplifying, not replacing, domain knowledge.** Claude Code lowers the *implementation* barrier, not the *judgment* barrier. The value of knowing the "what" and "why" is increasing relative to just knowing the "how" to code. 4. **Usage is evolving.** Over a 7-month period (Oct '25 - Apr '26), the share of sessions for debugging halved, while use for software operations, data analysis, and non-code writing roughly doubled. The estimated economic value of typical tasks increased by ~25%. Conclusion: The data suggests coding agents are making programming background less critical for completing technical tasks. However, they reward and amplify deep domain understanding. The ability to successfully direct an AI agent stems more from mastery of a specific field than from coding skill itself. The primary gains come from being competent in a domain; deep specialization adds only marginal additional advantage. This may signal a shift where software creation becomes integrated into various professions.

marsbitHá 1h

Who Makes the Best Use of Claude Code? The Answer Might Not Be Programmers

marsbitHá 1h

Strategy's Preferred Stock STRC Unpegs by 11%, Can Its Perpetual Motion Machine Keep Spinning?

The preferred stock STRC issued by Strategy (MicroStrategy) has depegged over 11% from its $100 target par value, raising questions about the sustainability of the company's capital flywheel strategy. STRC, a perpetual preferred stock designed to trade around $100, serves as a key engine for Strategy's expansion, allowing it to raise fiat currency via at-the-market offerings to buy Bitcoin without diluting common shareholder equity. Its depegging, despite dividend rate hikes, suggests market concerns extend beyond yield to the core stability of Strategy's model. Analysts point to potential leveraged unwinding and, more critically, worries about Strategy's liquidity. While the company cites its massive Bitcoin holdings as covering decades of dividends, a recent small BTC sale—a first—has shaken confidence in its "never sell" narrative. If STRC remains discounted, impairing Strategy's fundraising ability, fears may grow that the company could be forced to sell Bitcoin to meet obligations, potentially turning a major market buyer into a seller and exerting significant downward pressure on Bitcoin's price.

marsbitHá 2h

Strategy's Preferred Stock STRC Unpegs by 11%, Can Its Perpetual Motion Machine Keep Spinning?

marsbitHá 2h

Trading

Spot
Futuros

Artigos em Destaque

O que é XAG

O Contrato Perpétuo XAGUSDT é o símbolo de negociação para prata cotada em dólares americanos, representando 1 onça troy de prata.

8 Visualizações TotaisPublicado em {updateTime}Atualizado em 2026.06.18

O que é XAG

Como comprar XAG

Bem-vindo à HTX.com!Tornámos a compra de Silver (XAG) simples e conveniente.Segue o nosso guia passo a passo para iniciar a tua jornada no mundo das criptos.Passo 1: cria a tua conta HTXUtiliza o teu e-mail ou número de telefone para te inscreveres numa conta gratuita na HTX.Desfruta de um processo de inscrição sem complicações e desbloqueia todas as funcionalidades.Obter a minha contaPasso 2: vai para Comprar Cripto e escolhe o teu método de pagamentoCartão de crédito/débito: usa o teu visa ou mastercard para comprar Silver (XAG) instantaneamente.Saldo: usa os fundos da tua conta HTX para transacionar sem problemas.Terceiros: adicionamos métodos de pagamento populares, como Google Pay e Apple Pay, para aumentar a conveniência.P2P: transaciona diretamente com outros utilizadores na HTX.Mercado de balcão (OTC): oferecemos serviços personalizados e taxas de câmbio competitivas para os traders.Passo 3: armazena teu Silver (XAG)Depois de comprar o teu Silver (XAG), armazena-o na tua conta HTX.Alternativamente, podes enviá-lo para outro lugar através de transferência blockchain ou usá-lo para transacionar outras criptomoedas.Passo 4: transaciona Silver (XAG)Transaciona facilmente Silver (XAG) no mercado à vista da HTX.Acede simplesmente à tua conta, seleciona o teu par de trading, executa as tuas transações e monitoriza em tempo real.Oferecemos uma experiência de fácil utilização tanto para principiantes como para traders experientes.

4 Visualizações TotaisPublicado em {updateTime}Atualizado em 2026.06.18

Como comprar XAG

Como comprar XAU

Bem-vindo à HTX.com!Tornámos a compra de Gold (XAU) simples e conveniente.Segue o nosso guia passo a passo para iniciar a tua jornada no mundo das criptos.Passo 1: cria a tua conta HTXUtiliza o teu e-mail ou número de telefone para te inscreveres numa conta gratuita na HTX.Desfruta de um processo de inscrição sem complicações e desbloqueia todas as funcionalidades.Obter a minha contaPasso 2: vai para Comprar Cripto e escolhe o teu método de pagamentoCartão de crédito/débito: usa o teu visa ou mastercard para comprar Gold (XAU) instantaneamente.Saldo: usa os fundos da tua conta HTX para transacionar sem problemas.Terceiros: adicionamos métodos de pagamento populares, como Google Pay e Apple Pay, para aumentar a conveniência.P2P: transaciona diretamente com outros utilizadores na HTX.Mercado de balcão (OTC): oferecemos serviços personalizados e taxas de câmbio competitivas para os traders.Passo 3: armazena teu Gold (XAU)Depois de comprar o teu Gold (XAU), armazena-o na tua conta HTX.Alternativamente, podes enviá-lo para outro lugar através de transferência blockchain ou usá-lo para transacionar outras criptomoedas.Passo 4: transaciona Gold (XAU)Transaciona facilmente Gold (XAU) no mercado à vista da HTX.Acede simplesmente à tua conta, seleciona o teu par de trading, executa as tuas transações e monitoriza em tempo real.Oferecemos uma experiência de fácil utilização tanto para principiantes como para traders experientes.

4 Visualizações TotaisPublicado em {updateTime}Atualizado em 2026.06.18

Como comprar XAU

Discussões

Bem-vindo à Comunidade HTX. Aqui, pode manter-se informado sobre os mais recentes desenvolvimentos da plataforma e obter acesso a análises profissionais de mercado. As opiniões dos utilizadores sobre o preço de A (A) são apresentadas abaixo.

活动图片

Categorias popularesright-arrow

Etiquetas Popularesright-arrow