A cryptocurrency trader lost nearly $50 million in USDT after sending the funds to the wrong wallet in an address poisoning scam, marking one of the largest on-chain losses in recent memory.
Blockchain security experts from Web3 Antivirus reported that the victim accidentally sent 49,999,950 USDT to a malicious wallet address that closely resembled the intended recipient.
Blockchain records show the user initially sent a small test transaction to the correct destination address. Minutes later, however, the full $50 million transfer was mistakenly sent to a fraudulent address that closely resembled the intended recipient.
Sponsored
The scammer’s wallet differed slightly from the test transaction’s address, suggesting the sender did not verify the full address before sending the $50 million.
The incident unfolded less than an hour after the funds were transferred into the user’s wallet, leaving little time to detect the error.
The USDT had been withdrawn from Binance shortly before the loss occurred. The stolen funds were converted into the unfreezable stablecoin DAI, moved to another wallet, and swapped into wrapped Ethereum.
How the Address Poisoning Scam Works
Address poisoning tricks users into sending crypto to fake wallets. Attackers create addresses that closely resemble legitimate ones, often sharing the same first and last characters.
They then send small transactions to a victim’s wallet so the fake address appears in the transaction history.
When the victim later initiates a transfer, they may copy the address directly from that history, assuming it is the correct recipient. Because most wallets only display shortened versions of addresses, the poisoned address can look legitimate at a glance, making the mistake easy to miss.
When users copy from that history, they can accidentally send funds to the attacker. Because blockchain transactions are irreversible, even a small mistake can lead to massive losses.
Biggest Scams to Date
Some of the largest address poisoning scams have cost victims tens of millions in a single transaction.
In May 2024, one trader lost about $68 million in WBTC after sending funds to a lookalike address, while another case that same month saw a $72.7 million loss in a similar attack. Between 2024 and 2025, thousands of smaller incidents added up to more than $80 million in total losses
Why This Matters
Address poisoning scam targets human error, not technology. Even experienced users can be tricked if they don’t check the full wallet address before sending large amounts.
Check Out DailyCoin’s hottest crypto news:
Hedera’s HBAR Bleeds, But Institutional Deals Quietly Stack Up
XRP Price In Final ‘Paper Hands’ Purge Before Breakout?
People Also Ask:
It is a type of crypto scam where attackers create wallet addresses that closely resemble legitimate ones. Victims may accidentally send funds to these fake addresses, often by copying from transaction histories.
Fake addresses usually match the first and last characters of a legitimate wallet. Small “dust” transactions are sent so the poisoned address appears in the victim’s transaction history, making it easy to mistake for the correct recipient.
No. Blockchain transactions are irreversible. Once funds are sent to a malicious address, they cannot be recovered unless the attacker returns them voluntarily.
Always verify the full wallet address, use QR codes or official sources, perform small test transactions first, and consider enabling address whitelisting on wallets or exchanges. Vigilance and careful verification are the most effective defenses.
Address poisoning exploits human error rather than blockchain vulnerabilities. As crypto transactions increase in value and frequency, attackers rely on rushed checks and visual similarities to steal funds.
