Disclaimer: Information found on CryptoreNews is those of writers quoted. It does not represent the opinions of CryptoreNews on whether to sell, buy or hold any investments. You are advised to conduct your own research before making any investment decisions. Use provided information at your own risk.
CryptoreNews covers fintech, blockchain and Bitcoin bringing you the latest crypto news and analyses on the future of money.
Changpeng Zhao, the co-founder and former CEO of Binance, has urged the cryptocurrency sector to adopt more robust and coordinated measures to eradicate address poisoning scams.
This alert follows an incident where a single victim lost nearly $50 million in USDT, which analysts characterize as one of the most significant on-chain phishing losses in recent months.
How a Single Copy-Paste Mistake Initiated a $50M Crypto Theft
The event transpired in less than an hour. Based on on-chain data and security firms monitoring the situation, the victim withdrew funds from Binance and executed a small test transaction of 50 USDT to the correct destination address.
Crypto trader loses $50 million to address poisoning scam as industry grapples with nearly $90 billion in cumulative security losses.#Crypto #Scamhttps://t.co/ZXn2iF8wdi
— Cryptonews.com (@cryptonews) December 20, 2025
Shortly thereafter, the user copied an address from their transaction history and transferred 49,999,950 USDT to a different wallet that closely resembled the intended recipient.
The fraudulent address had been inserted by attackers through a previous microtransaction, a typical strategy employed in address poisoning scams.
The victim’s wallet, which had been active for approximately two years and primarily used for USDT transactions, sent the funds soon after the withdrawal from Binance.
Initial reports suggested that the stolen USDT remained at the destination address temporarily, although similar incidents indicate that funds are frequently moved, swapped, or laundered through multiple wallets.
In this instance, blockchain investigators later noted that portions of the funds were converted to ETH and channeled through several addresses, with some passing through the Tornado Cash mixer.
Zhao addressed the incident in a public statement, labeling it as an issue that the industry should be capable of completely eliminating.
He proposed that wallets automatically identify and block known poison addresses using straightforward blockchain queries, alerting users before transactions are executed.
He also encouraged industry security organizations to maintain real-time blacklists that wallets could reference prior to transaction execution and suggested filtering out spam transactions entirely to prevent users from seeing dust transfers in their histories.
He noted that Binance Wallet already incorporates some of these protective measures.
Related Posts
As Address Poisoning Increases, Lawmakers and Stablecoin Issuers Take Action
Address poisoning, sometimes known as dusting, is a phishing technique where attackers send minimal amounts of cryptocurrency to wallets from addresses designed to closely resemble legitimate ones.
When users later copy an address from their transaction history instead of a verified source, they may inadvertently paste the attacker’s address.
Matching the initial few and final characters of a wallet address is often sufficient to mislead users, particularly during high-value transfers.
Security firms report that this tactic is on the rise, as SlowMist and other analysts have identified address poisoning as an escalating threat, especially on networks with low transaction fees where attackers can operate extensively.
TRM Labs has documented significant dusting activity on the TRON blockchain, where free or nearly free transfers enable bots to inundate wallets with spoofed transactions.
Source: TRM Labs
Their research indicates that attackers create thousands of vanity addresses and utilize automated systems that target recently active or high-balance wallets, particularly those holding stablecoins like USDT.
Source: Chainalysis
The $50 million loss occurs amid a broader increase in cryptocurrency-related fraud. Industry estimates indicate that nearly $90 billion has been lost to hacks and exploits since the inception of cryptocurrency, with over $9 billion recorded in 2025 alone.
November witnessed over $276 million stolen, and phishing was identified by CertiK as the most damaging scam category of 2024, accounting for more than $1 billion in losses.
U.S. authorities reported that Americans lost approximately $9.3 billion to cryptocurrency investment scams in 2024, marking a significant year-over-year rise.
After $9.3B lost to crypto scams like pig butchering, U.S. lawmakers unveil the bipartisan SAFE Crypto Act, creating a federal task force to fight fraud.#CryptoScam #CryptoRegulationhttps://t.co/kG6oDWQVCC
— Cryptonews.com (@cryptonews) December 17, 2025
After $9.3B lost to crypto scams like pig butchering, U.S. lawmakers unveil the bipartisan SAFE Crypto Act, creating a federal task force to fight fraud.#CryptoScam #CryptoRegulationhttps://t.co/kG6oDWQVCCLawmakers have also taken action. U.S. Senators Elissa Slotkin and Jerry Moran recently introduced the SAFE Crypto Act, proposing
The post CZ Wants to ‘Eradicate’ Address Poisoning After Massive $50M Loss appeared first on Cryptonews.
