Bitcoin (BTC) User Loses $68 Million in Devastating Address Poisoning Scam: A Costly Crypto Error

• Crypto hackers have claimed another major victim, fooling him into sending $68 million to a wallet he thought was somebody else’s.
• Blockchain data indicates that a once-wealthy Ethereum user lost all of his Bitcoin holdings after hackers contaminated a recipient’s wallet history. The user now holds just $1.6 million in crypto at his address.
• The assets stolen from the victim included 1155 Wrapped Bitcoin (WBTC) – a token that operates like a stablecoin for Bitcoin on the Ethereum network, mirroring the price of the dominant digital asset.

A recent crypto scam has led to a user losing $68 million in Bitcoin holdings due to a technique known as address poisoning. This article delves into the details of the scam and the dangers of address poisoning.

The Danger Of Address Poisoning

According to Etherscan, the sending wallet’s remaining assets include 0.89 ETH ($2,747) and 1.63 million dollar-pegged DAI stablecoins. Wallet contamination or “address poisoning” involves sending a transaction – usually of zero or negligible value – to a victim’s wallet, simply so that the attacker’s address appears in the victim’s transaction history. Attackers will deliberately generate their address to have several starting and ending characters that match those of an address belonging to the victim. Popular wallet software often shrinks addresses to display only the first and last characters, making the differences in the middle undetectable on the surface.

Address Poisoning In Action

In this case, both the attacker’s address and the real target address had characters starting with 0xd9A1, and ending with 853a91. The attacker hopes they try to copy that address from their history the next time they intend to receive a transaction, under the mistaken belief that it’s their address or that of someone they know. Last year, address poisoners targeted a series of SafeWallet users, stealing $2 million within one week. Back in February, a Kraken user was robbed of 1 million USDT after scammers poisoned their history mimicking the victim’s prior interaction with the exchange. Metamask suggests users avoid copying transactions from their history, and to add frequently used addresses to their address book to avoid using any that aren’t specifically whitelisted.

Conclusion

Address poisoning is a growing concern in the crypto community. Users are advised to be vigilant and adopt safe practices such as not copying transactions from their history and adding frequently used addresses to their address book. As the crypto space continues to evolve, it is crucial for users to stay informed about potential scams and take necessary precautions to safeguard their assets.