Address Poison Attack Drains $12.25 Million in ETH From One Crypto Victim

TLDR:

The victim lost 4,556 ETH worth $12.25 million by copying a fraudulent address from their transaction history.
Fraudsters generate dummy addresses that match legitimate wallets to trick users into sending money.
The Ethereum network currently experiences over 1 million address poisoning attempts every day.
By 2025, phishing scams, including address poisoning, will rise 1,400 percent and steal $17 billion.

According to blockchain security firm ScamSniffer, the holder of the cryptocurrency lost 4,556 ETH worth approximately $12.25 million in an address poisoning attack.

The victim copied a spoofed address from their transaction history instead of the intended recipient's wallet. This incident adds to the crypto theft issues affecting the Ethereum network.

Security experts now warn users not to copy addresses from their transfer history.

Anatomy of a Million-Dollar Heist

The victim tried to transfer the money from wallet address 0xd6741220a947941bF290799811FcDCeA8AE4A7Da to a known contact.

However, the user has unknowingly selected a fraudulent address from recent transactions. The fraudulent wallet 0x6d9052b2DF589De00324127fe2707eb34e592e48 matches the legitimate address 0x6D90CC8Ce83B6D0ACf634ED45d4bCc37eDdD2E48.

Scam Sniffer reported the attack on X, warning that “another victim lost 4,556 ETH ($12.25M) by copying the wrong address from a compromised transfer history.”

The security firm emphasized an important security measure, saying users should “never copy the address from the transfer history.” Address poisoning uses how cryptocurrency wallets truncate long addresses for display purposes.

Attackers deploy automated software to generate millions of null addresses that match the first and last characters of target wallets.

Users cannot distinguish between legitimate and fraudulent addresses when looking at shortened versions such as 0x6D90…2E48. Fraudsters send insignificant amounts or zero-value transactions to fill in victims' recent activity.

The Ethereum network currently faces more than 1 million poisoning attempts every day, according to security analysts.

Blockchain transactions, once verified, remain irreversible, making it impossible to recover stolen funds. This immutable feature turns simple mistakes into permanent financial losses for affected users.

The growing wave of crypto security breaches

In December 2025, it saw another catastrophic address poisoning case involving a loss of 49,999,950 USDT, nearly $50 million. The victim implemented security measures by first sending a test transaction of 50 USDT.

The fraudster's automated system detected the check transfer and immediately poisoned the transaction history before the actual transfer.

The attacker converted the stolen USDT to DAI and then ETH to avoid an asset freeze by the authorities. Cybersecurity and Immunefi security researchers confirm that these attacks are now working on an industrial scale.

Citi analysts suggest that the recent over 2.8 million in Ethereum trading is the result of a mass poisoning campaign.

January 2026 brought more security risks to many blockchain platforms. The Saga EVM blockchain was shut down on January 21 following a $7 million exploit.

TrueBit Protocol suffered a loss of $26.6 million in ETH when hackers exploited legacy vulnerabilities, causing token values ​​to plummet by 100%.

French cryptocurrency tax platform Waltio has faced a ransom demand from the ShinyHunters hacking group for data theft affecting 50,000 users.

Impersonation scams, including address poisoning, are increasing 1,400 percent year-on-year, according to Chinese data. Total stolen cryptocurrency to reach $17 billion by 2025, setting new records for digital asset crime.