Chainalysis discovers 82K wallets tied to address poisoning scam

Chainalysis, a leading blockchain analytics firm, has uncovered a staggering 82,031 wallets connected to an address poisoning scam. This scam targets crypto users with high balances, exploiting their habit of not thoroughly verifying their addresses.

Address poisoning is a highly effective attack that involves creating fake addresses with attractive balances. Bots then target these wallets, hoping to deceive users into sending funds to the wrong address. The poisoned addresses are designed to closely resemble legitimate ones, with matching characters at the beginning and end of the address. This technique capitalizes on users’ tendency to only check the first and last four characters of an address.

In recent incidents, victims have lost significant amounts of money due to copying the wrong address from contaminated transaction histories. In one case, a victim lost $57,000 after falling prey to a poisoned address.

These poisoned addresses are often used in conjunction with fake zero-value tokens or zero-sum transactions involving popular cryptocurrencies like USDT, TRX, or MATIC. Some attackers even create fake versions of tokens or send entirely new tokens as part of an airdrop. While the wallet itself is not hacked, users unknowingly send funds to the fake addresses, resulting in significant losses.
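The look-alike pattern and the zero-value transfers described above can be checked for on the defender's side before an address is copied out of a transaction history. The following is an added example, not code from Chainalysis or from this article; the function names, the `Transfer` record and the sample addresses are all constructed for illustration.

```python
from dataclasses import dataclass

EDGE = 4  # characters compared at each end, the habit the article describes

@dataclass
class Transfer:
    counterparty: str  # the other address in the transfer
    value: int         # amount in the token's smallest unit

def normalize(addr: str) -> str:
    """Lower-case and drop the 0x prefix so letter casing cannot hide a match."""
    addr = addr.strip().lower()
    return addr[2:] if addr.startswith("0x") else addr

def is_lookalike(candidate: str, trusted: str, edge: int = EDGE) -> bool:
    """True when both ends match a trusted address but the full address differs."""
    c, t = normalize(candidate), normalize(trusted)
    return c != t and c[:edge] == t[:edge] and c[-edge:] == t[-edge:]

def review_history(history, trusted, edge=EDGE):
    """Return (address, imitated_address, reasons) for each suspicious entry."""
    findings = []
    for tx in history:
        for good in trusted:
            if is_lookalike(tx.counterparty, good, edge):
                reasons = ["first/last characters match a trusted address"]
                if tx.value == 0:
                    reasons.append("zero-value transfer")
                findings.append((tx.counterparty, good, reasons))
    return findings

def safe_to_send(recipient, trusted):
    """Accept only an exact, full-length match against the address book."""
    return normalize(recipient) in {normalize(t) for t in trusted}

# Constructed sample data: none of these are real addresses.
TRUSTED = ["0x1a2B3c4d5E6f708192a3B4c5D6e7F8091a2b9F3e"]
HISTORY = [
    Transfer("0x1a2B3c4d5E6f708192a3B4c5D6e7F8091a2b9F3e", 5_000_000),  # genuine
    Transfer("0x1a2b77770000deadbeef00001111222233339f3e", 0),          # look-alike
    Transfer("0x9999888877776666555544443333222211110000", 250),        # unrelated
]

if __name__ == "__main__":
    for addr, imitated, reasons in review_history(HISTORY, TRUSTED):
        print(f"SUSPICIOUS {addr} imitates {imitated}: {', '.join(reasons)}")
```

The comparison that matters is `safe_to_send`: a recipient is accepted only on a full-string match with a saved address, so a matching prefix and suffix is never enough.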

One of the most notable instances of address poisoning resulted in the draining of $68 million worth of Wrapped BTC (WBTC) from a single wallet. However, the exploiter eventually returned the funds after earning $3 million due to the appreciation of Bitcoin.

The discovery of these poisoned addresses has shed light on the prevalence of such attacks on the Ethereum network. Chainalysis identified a total of 82,031 spoofed addresses, which accounted for nearly 1% of all new Ethereum wallets created during a concentrated period. These poisoned addresses primarily targeted experienced users with larger wallet balances. In total, 2,774 wallets fell victim to the scam, diverting a staggering $69.72 million.

While the network of poisoned addresses managed to deceive a significant number of users, with 756 wallets falling for the scam, measures are being taken to combat these attacks. Some block explorers are flagging fake transactions, allowing users to verify the legitimacy of addresses before sending funds.

These scammers also employ money laundering tactics by utilizing decentralized finance (DeFi) protocols and exchanges to obfuscate the origin of the funds. Smaller sums are often disguised and liquidated through no-KYC markets in Eastern Europe, taking advantage of less stringent regulations.

As address poisoning scams persist, it’s crucial for crypto users to remain vigilant and double-check the authenticity of addresses before making any transactions.