Address poisoning attacks against cryptocurrency users have escalated dramatically, with scammers stealing more than $1.6 million in just one week — a figure far exceeding March’s total of $1.2 million.
The spike in losses highlights the escalating tactics behind these attacks, in which criminals contaminate users’ transaction histories with fraudulent addresses designed to trick victims into copying the wrong destination for their transfers.
The most devastating incident of the week occurred when a single victim lost 140 ETH, valued at $636,500, after inadvertently copying a malicious address from their compromised transaction history. ScamSniffer, a platform specializing in crypto scam prevention, documented the attack and issued warnings that the victim’s wallet had become a primary target for continued exploitation.
The data, compiled by media organisation Cointelegraph based on alerts by multiple cybersecurity firms, underscores the urgent need for enhanced security awareness among crypto users as these deceptive tactics become increasingly prevalent.
How Address Poisoning Works
Address poisoning tricks crypto users by flooding their transaction history with fake transfers from lookalike wallet addresses. Scammers send tiny amounts from addresses that closely resemble legitimate ones users have previously transacted with.
When victims later copy addresses from their transaction history for new transfers, they accidentally select the fraudulent address instead of the real one. The copied address belongs to the scammer, who receives the full payment.
“Poisoners send small transfers from addresses that mimic a real one, so copying from history becomes a trap,” an expert from Web3 Antivirus explained. The security firm noted how this creates “transaction history poisoning” where fake addresses appear alongside legitimate ones.
Malicious signature attacks contributed another $600,000 in theft this week. Victims lost funds by signing dangerous blockchain permissions, including “approve”, “increaseAllowance”, and “permit” functions.
One of the victims lost $165,000 worth of BLOCK and DOLO tokens after signing malicious signatures, ScamSniffer reported. These permissions grant scammers access to drain wallet contents without additional authorization.
Protection Strategies Should Always Be in Place
Security experts recommend several defense measures against these attacks. Users should maintain address books or whitelists (a list of approved participants) for frequent recipients rather than copying from transaction history.
Verifying the full address before sending any transaction is another simple safeguard. Double-checking every character prevents falling victim to similar-looking fraudulent addresses.
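One way to automate the address-book and full-address checks described above, as an added example that is not from the article or the firms it cites. The addresses are constructed sample values, the function names are hypothetical, and the "lookalike" rule (same first or last four hex characters as a saved address) is an assumed heuristic.

```python
# Added example: check a destination against a saved address book before sending.
# All addresses are constructed sample values; all names here are hypothetical.
HEX = set("0123456789abcdef")

REAL_ADDR = "0x1a2b3c4d5e6f708192a3b4c5d6e7f8091a2b3c4d"
# Constructed lookalike: same first and last 4 hex characters, different middle.
POISONED_ADDR = "0x1a2b" + "f" * 32 + "3c4d"
ADDRESS_BOOK = {"exchange-deposit": REAL_ADDR}


def normalize(addr: str) -> str:
    """Lowercase an Ethereum-style address and reject malformed input."""
    a = addr.strip().lower()
    if len(a) != 42 or not a.startswith("0x") or not set(a[2:]) <= HEX:
        raise ValueError(f"not a 20-byte hex address: {addr!r}")
    return a


def check_recipient(candidate: str, book=ADDRESS_BOOK, edge: int = 4):
    """Classify candidate as trusted, lookalike, or unknown.

    'lookalike' (an assumed heuristic) means the address is NOT in the book
    but shares its first or last `edge` hex characters with a saved entry,
    which is how it would pass a glance at a shortened address.
    """
    cand = normalize(candidate)
    known = {label: normalize(a) for label, a in book.items()}
    for label, addr in known.items():
        if cand == addr:  # every character matches a saved address
            return ("trusted", label)
    for label, addr in known.items():
        if cand[2:2 + edge] == addr[2:2 + edge] or cand[-edge:] == addr[-edge:]:
            return ("lookalike", label)
    return ("unknown", None)


if __name__ == "__main__":
    for addr in (REAL_ADDR, POISONED_ADDR, "0x" + "9" * 40):
        print(addr, check_recipient(addr))
```

A "lookalike" result is the case to block outright: the address resembles a saved recipient without matching it character for character.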
The surge in address poisoning attacks highlights growing sophistication among crypto scammers. As adoption increases, criminals develop more subtle methods that exploit common user behaviors.