Skip to content

Sign Up

or

Forgot Password?

Don't have an account?

Sign Up

or

By submitting my information, I agree to the Privacy Policy and Terms of Service.

Already have an account?

Cryptocurrency investor loses $70 million in six hours: Address poisoning attack

Cryptocurrency investor loses $70 million in six hours: Address poisoning attack

A cryptocurrency investor has fallen victim to an address poisoning attack, resulting in a staggering loss of $70 million worth of Wrapped Bitcoin (WBTC). The incident, which unfolded over the course of around six hours, has sent shockwaves through the cryptocurrency community.

According to a post by Lookonchain on the X, the unfortunate investor created a new address, “0xd9A1b0B1e1aE382DbDc898Ea68012FfcB2853a91,” and transferred a small amount of Ethereum (ETH), approximately 0.05 ETH, to this newly generated destination.

This observed behavior is common in the decentralized finance (DeFi) space, mainly due to the need for gas fees. Essentially, when cryptocurrency investors create new crypto wallet addresses, they need to fund them with the native token first to pay for future gas fees, in this case, Ether or ETH.

However, a scammer had been waiting unbeknownst to the investor, ready to strike at the opportune moment.

Address poisoning attack

The scammer, employing a technique known as address poisoning, generated an address that shared the same starting and ending letters as the investor’s new address. In a calculated move, the scammer transferred zero ETH to the investor, causing it to appear in the investor’s transaction history.

Many cryptocurrency wallets hide the middle portion of addresses with ellipses (“…”) to enhance user interface aesthetics. Therefore, when the investor attempted to transfer their 1,155 WBTC, valued at approximately $71 million, they inadvertently copied the scammer’s cleverly crafted address, believing it to be their own.

Notably, crypto users often only check the destination address by quickly glancing at the first and last four characters.

The devastating consequence of this mistake was the irreversible transfer of the investor’s WBTC holdings to the scammer’s address. The crypto community has expressed shock and disbelief at the magnitude of the loss, with many calling for increased awareness and education surrounding the risks associated with cryptocurrency transactions.

This incident underscores the critical importance of thoroughly verifying addresses before initiating any transfers, particularly when dealing with substantial sums of digital assets. As the cryptocurrency landscape continues to evolve, it is imperative that investors remain vigilant and stay abreast of the latest security measures and best practices to safeguard their investments.

Latest posts

Finance Digest

By subscribing you agree with Finbold T&C’s & Privacy Policy

Related posts

Services

IMPORTANT NOTICE

Finbold is a news and information website. This Site may contain sponsored content, advertisements, and third-party materials, for which Finbold expressly disclaims any liability.

RISK WARNING: Cryptocurrencies are high-risk investments and you should not expect to be protected if something goes wrong. Don’t invest unless you’re prepared to lose all the money you invest. (Click here to learn more about cryptocurrency risks.)

By accessing this Site, you acknowledge that you understand these risks and that Finbold bears no responsibility for any losses, damages, or consequences resulting from your use of the Site or reliance on its content. Click here to learn more.