A cryptocurrency user lost $50 million worth of USDT after falling victim to an “address poisoning” scam in which a scammer’s address was copied from his transaction history.
Cryptographic security experts Web3 Antivirus discovered the unfortunate victim’s transmission earlier today. Users first sent a test transaction of approximately $50 worth of USDT to crypto addresses starting with “0xbaf” and ending with “F8b5.”
However, they then sent approximately $50 million worth of USDT to suspiciously similar addresses starting with “0xBaF” and ending with “f8b5.”
The full fraudulent address “0xBaFF2F13638C04B10F8119760B2D2aE86b08f8b5” has a different body than the recipient of the test transaction, indicating that the sender Checks beyond the first few digits of the address failed.
Read more: $70 million ‘address poisoning’ scam refunds underway, more than 50% refunded
The redirected funds are then converted into the unfreezable stablecoin Dai, sent to another address, and now exchanged into wrapped Ether via “Rizzolsver: Uniswap X.”
How does cryptocurrency poisoning occur?
Address poisoning scams work by sending small amounts of cryptocurrency known as “dust” from an address similar to the targeted recipient.
These small cryptographic signatures appear in the victim’s transactions, known as “poisoning,” and can trick the victim into accidentally copying and pasting the address instead of the legitimate address they intended to send it to.
In one example, someone accidentally sent $70 million to a poisoned address. They then began trying to negotiate with the scammers and offered: Let them keep 10% of the funds.
Read more: How to stay safe on chain: 3 crypto users lose $876,000 within hours
The scammers ultimately returned more than half of the stolen funds to their victims.
Last year, two more victims collectively lost more than $200,000 by copying incorrect deposit addresses and sending crypto to compromised addresses.
Discover more from Earlybirds Invest
Subscribe to get the latest posts sent to your email.
