Skip to content

Cryptocurrency investor loses $70 million in six hours: Address poisoning attack

Cryptocurrency investor loses $70 million in six hours: Address poisoning attack

A cryptocurrency investor has fallen victim to an address poisoning attack, resulting in a staggering loss of $70 million worth of Wrapped Bitcoin (WBTC). The incident, which unfolded over the course of around six hours, has sent shockwaves through the cryptocurrency community.

According to a post by Lookonchain on the X, the unfortunate investor created a new address, “0xd9A1b0B1e1aE382DbDc898Ea68012FfcB2853a91,” and transferred a small amount of Ethereum (ETH), approximately 0.05 ETH, to this newly generated destination.

This observed behavior is common in the decentralized finance (DeFi) space, mainly due to the need for gas fees. Essentially, when cryptocurrency investors create new crypto wallet addresses, they need to fund them with the native token first to pay for future gas fees, in this case, Ether or ETH.

However, a scammer had been waiting unbeknownst to the investor, ready to strike at the opportune moment.

Address poisoning attack

The scammer, employing a technique known as address poisoning, generated an address that shared the same starting and ending letters as the investor’s new address. In a calculated move, the scammer transferred zero ETH to the investor, causing it to appear in the investor’s transaction history.

Many cryptocurrency wallets hide the middle portion of addresses with ellipses (“…”) to enhance user interface aesthetics. Therefore, when the investor attempted to transfer their 1,155 WBTC, valued at approximately $71 million, they inadvertently copied the scammer’s cleverly crafted address, believing it to be their own.

Notably, crypto users often only check the destination address by quickly glancing at the first and last four characters.

The devastating consequence of this mistake was the irreversible transfer of the investor’s WBTC holdings to the scammer’s address. The crypto community has expressed shock and disbelief at the magnitude of the loss, with many calling for increased awareness and education surrounding the risks associated with cryptocurrency transactions.

This incident underscores the critical importance of thoroughly verifying addresses before initiating any transfers, particularly when dealing with substantial sums of digital assets. As the cryptocurrency landscape continues to evolve, it is imperative that investors remain vigilant and stay abreast of the latest security measures and best practices to safeguard their investments.

Best Crypto Exchange for Intermediate Traders and Investors

  • Invest in cryptocurrencies and 3,000+ other assets including stocks and precious metals.

  • 0% commission on stocks - buy in bulk or just a fraction from as little as $10. Other fees apply. For more information, visit etoro.com/trading/fees.

  • Copy top-performing traders in real time, automatically.

  • eToro USA is registered with FINRA for securities trading.

30+ million Users
Securities trading offered by eToro USA Securities, Inc. (“the BD”), member of FINRA and SIPC. Cryptocurrency offered by eToro USA LLC (“the MSB”) (NMLS: 1769299) and is not FDIC or SIPC insured. Investing involves risk, and content is provided for educational purposes only, does not imply a recommendation, and is not a guarantee of future performance. Finbold.com is not an affiliate and may be compensated if you access certain products or services offered by the MSB and/or the BD

Read Next:

Finance Digest

By subscribing you agree with Finbold T&C’s & Privacy Policy

Related posts

Sign Up

or

By submitting my information, I agree to the Privacy Policy and Terms of Service.

Already have an account? Sign In

Services

Disclaimer: The information on this website is for general informational and educational purposes only and does not constitute financial, legal, tax, or investment advice. This site does not make any financial promotions, and all content is strictly informational. By using this site, you agree to our full disclaimer and terms of use. For more information, please read our complete Global Disclaimer.