Disclaimer: Information found on CryptoreNews is those of writers quoted. It does not represent the opinions of CryptoreNews on whether to sell, buy or hold any investments. You are advised to conduct your own research before making any investment decisions. Use provided information at your own risk.
CryptoreNews covers fintech, blockchain and Bitcoin bringing you the latest crypto news and analyses on the future of money.
Address Fraud Scheme: A Single Copy-Paste Error Led to a $50 Million Loss for a Cryptocurrency Trader
A cryptocurrency user fell victim to an address poisoning scam, resulting in a loss of nearly $50 million in USDT after copying a deceptive wallet address from their transaction history, as reported by blockchain security firm SlowMist.
The individual transferred 49,999,950 USDT to an address controlled by the attacker, which closely resembled the intended recipient’s address, sharing the same first three and last four characters.
The misappropriated funds were swiftly converted to ETH, dispersed across various wallets, and partially funneled through the Tornado Cash mixer.
As per security insights, the victim’s wallet had been operational for around two years and was mainly utilized for USDT transactions, with the compromised funds withdrawn from Binance just prior to the poisoned transfer.
这位玩家遭遇首尾号相似地址投毒,损失近 5000 万 USDT…
玩家地址:
0xcB80784ef74C98A89b6Ab8D96ebE890859600819
投毒地址:
0xBaFF2F13638C04B10F8119760B2D2aE86b08f8b5
玩家期望中的地址:
0xbaf4b1aF7E3B560d937DA0458514552B6495F8b5
// 可以看到首 3 字符尾 4 字符一样
玩家转 49,999,950… https://t.co/NJiZmmia1W— Cos(余弦)
(@evilcos) December 20, 2025
Crypto Scams Reach $90 Billion
This incident occurred amid a wider security crisis affecting the cryptocurrency sector, which has now experienced losses nearing $90 billion due to hacks and exploits since its inception.
In November alone, over $276 million was stolen, pushing the total losses for 2025 beyond $9.1 billion, indicating that approximately 10% of all historical crypto losses have transpired within the last year.
Mitchell Amador, CEO of Immunefi, cautioned that the threat landscape is undergoing a significant transformation.
“The threat landscape is shifting from onchain code vulnerabilities to operational security and treasury-level attacks,” he stated to Cryptonews. “As code becomes more secure, attackers are focusing on the human element.”
Despite 2025 being recorded as the worst year for hacks, Amador highlighted that these losses are primarily due to operational failures rather than vulnerabilities in smart contracts.
“While 2025 was the worst year for hacks on record, those losses were driven mainly by traditional Web2 infrastructure failures and operational security breakdowns, not onchain code,” he clarified.
FBI Reports $9.3 Billion Lost to Investment Fraud
In 2024, Americans lost around $9.3 billion to cryptocurrency investment fraud schemes, representing a 66% increase from the previous year, according to FBI statistics.
Pig-butchering scams accounted for over $9.9 billion globally, with Chainalysis data indicating that activity surged nearly 40% in 2024.
Related Posts
U.S. Senators Elissa Slotkin and Jerry Moran have introduced the SAFE Crypto Act, which aims to establish a federal task force to coordinate efforts among government agencies, law enforcement, and private-sector experts to combat crypto-related fraud.
This legislation mandates that authorized stablecoin issuers maintain the technical capability to freeze or seize digital assets associated with illegal activities.
After $9.3B lost to crypto scams like pig butchering, U.S. lawmakers unveil the bipartisan SAFE Crypto Act, creating a federal task force to fight fraud.#CryptoScam #CryptoRegulationhttps://t.co/kG6oDWQVCC
— Cryptonews.com (@cryptonews) December 17, 2025
After $9.3B lost to crypto scams like pig butchering, U.S. lawmakers unveil the bipartisan SAFE Crypto Act, creating a federal task force to fight fraud.#CryptoScam #CryptoRegulationhttps://t.co/kG6oDWQVCCEnforcement actions have escalated, with U.S. authorities announcing the largest crypto seizure to date in October, targeting the Cambodia-based Prince Holding Group.
Tether also froze nearly $50 million in USDT linked to Southeast Asia pig-butchering operations, while Binance prevented 7.5 million users from losing nearly $10 billion to fraud between December 2022 and May 2025.
Human Factor Becomes Primary Attack Vector
In addition to sophisticated scams, malware attacks continue to deplete wallets, with a Singapore entrepreneur losing over $100,000 after downloading malicious software disguised as a game-testing application.
A separate breach of a multisignature wallet earlier this month resulted in approximately $27.3 million being stolen due to private key compromise, with attackers laundering around $12.6 million through Tornado Cash.
Amador contended that the industry must fundamentally overhaul its security strategy.
“Securing code isn’t enough if users and operators remain vulnerable,” he remarked.
“Web3 companies need to invest significantly more in human-layer security, which entails training teams, tightening operational controls, and directly educating users on how to identify scam messages, recognize social engineering attempts, and safeguard their assets onchain.”
He pointed out that 99% of Web3 projects function without basic firewalls, while fewer than 10% utilize modern AI-driven security tools.
“Most hacks this year haven’t occurred due to inadequate audits,” Amador explained. “They’ve taken place post-launch, during protocol upgrades, or through integration vulnerabilities—blind spots that audits alone cannot detect.”
Despite the rising losses, Amador expressed optimism regarding onchain code security, forecasting that 2026 will be the most secure year yet for smart contracts as the industry continues to strengthen its technical infrastructure.
The post Address Poisoning Scam: One Copy-Paste Mistake Cost a Crypto Trader $50 Million appeared first on Cryptonews.
