A crypto user lost $50M due to a copy-paste error, caused by address poisoning. A small mistake led to a major scam.
A crypto user lost $50 million in USDT due to a simple copy-paste mistake.
The victim sent a small test transfer to verify the wallet address. But the victim copied the wrong address from their transaction history. This resulted in the loss of nearly $50 million. It shows how even small mistakes can lead to large losses in crypto.
Understanding the Address Poisoning Scam
The scam used a method called address poisoning.
The attacker created a fake address that looked like the victim’s. The scammer sent a small amount of crypto to the victim’s wallet. This made the fake address appear in the transaction history. Since most wallet interfaces truncate addresses, the victim couldn’t spot the difference.
The victim sent 50 USDT as a test to their own address. The address was 0xbaf4b1aF…B6495F8b5. The scammer immediately spoofed a wallet with a similar address.
A victim (0xcB80) lost $50M due to a copy-paste address mistake.
Before transferring 50M $USDT, the victim sent 50 $USDT as a test to his own address 0xbaf4b1aF…B6495F8b5.
The scammer immediately spoofed a wallet with the same first and last 4 characters and performed an… pic.twitter.com/eGEx2oHiwA
— Lookonchain (@lookonchain) December 20, 2025
The victim only checked the beginning and end of the address. They copied the fake address when sending the larger transfer.
The victim transferred 49,999,950 USDT to the scammer’s address. This highlights the risks of using transaction history for address copying. The victim’s convenience led to a costly mistake.
The Speed of Blockchain Transactions and Recovery Challenges
Once the funds were sent, the scammer quickly moved them. They sent the funds through several wallets to make tracing harder.
The scammer exchanged some USDT for ETH. They used tools like Tornado Cash to hide the transaction trail. This made it nearly impossible to recover the funds.
Blockchain transactions are irreversible.
Once confirmed, they cannot be undone. The speed of blockchain finality meant there was no time to stop the transfer. The funds were gone for good. This case highlights the risks of sending large sums of crypto.
Related Reading: AI Romance Scams Return As Bitcoin Investor Loses Entire Retirement Fund
Wallet Design and Its Role in User Security
This incident raises concerns about wallet interface design. Many wallets hide part of the address for readability. But this can cause users to make mistakes. In this case, the victim didn’t see the difference in the address.
Some wallets now warn users about similar-looking addresses. Others offer features like address whitelisting. However, these features are not always enabled.
Users should avoid copying addresses from transaction history.
Double-checking the full address is essential before making a transfer. This case shows the importance of careful verification when handling large sums.