2025-12-25 10:20:33

It looks like an ordinary transfer, but it can cause $50 million to instantly vanish on the blockchain. A former senior executive of a well-known exchange recently issued an emergency security warning on social media, exposing a highly covert new scam called "address poisoning."

The case is shocking: a user plans to withdraw 50 million USDT from an exchange to a private wallet, which is a very common operation. To be safe, he first transferred 50 USDT as a test and received it. This step is actually correct—most experienced users do this.

The problem lies here. The scammers are monitoring the entire process. After seeing your test transfer, they immediately generate a fake address that is exactly the same as your target address at the beginning and end using technical means. You can't tell which one is real and which is fake. Even more malicious, they send you a "dust transaction" of 0.005 USDT from this fake address in a reverse manner.

When it comes to the actual transfer, like most people, you copy the address from your wallet transaction history. Paste it, and the 50 million USDT goes straight into the scammer's pocket. The address that looks most convenient in your recent transaction list has actually been "poisoned" long ago.

The insidiousness of this method is that it completely bypasses your defensive psychology. You've already done a small test, you're very cautious. But scammers are gradually setting traps for you during this process. The more disciplined your digital wallet usage habits are, the easier it is to fall into this trap.

Therefore, now you must enter the address directly or use the official QR code for transfers. Never be lazy to copy from transaction records. Even a single character mistake, and the money will truly be unrecoverable.

View Original

This page may contain third-party content, which is provided for information purposes only (not representations/warranties) and should not be considered as an endorsement of its views by Gate, nor as financial or professional advice. See Disclaimer for details.

10 Likes

Reward
10
7
Repost
Share

Comment

0/400

P2ENotWorking

· 3h ago

I looked at this case, and 50 million was gone just like that... This "address poisoning" method is really insidious, fully exploiting people's habitual vulnerabilities.

View OriginalReply0

ArbitrageBot

· 3h ago

Damn, this technique is too sneaky, I didn't even escape a small test. --- Dust attack? I've been hit by it long ago, lessons learned the hard way. --- 50 million just disappeared like that, I'm shattered, I really need to be more cautious. --- It's so simple to copy and paste, yet someone found a loophole, who could have thought of that. --- The key is you can't even tell, that's the most disgusting part. --- From now on, just send transfers by address, too lazy to do otherwise, really. --- Even veterans have had accidents, us newbies need to be more careful, oh my.

View OriginalReply0

DegenDreamer

· 3h ago

Damn, this technique is amazing, even veterans can be fooled Paste 50 million and it's gone, who can handle this In the future, I will manually type transfer addresses, no more copying and trusting

View OriginalReply0

ruggedSoBadLMAO

· 3h ago

Damn, this operation is really genius. I used to copy addresses like this before... --- Small amount testing can still be poisoned via reverse poisoning. This scam combo is really hard to defend against. --- 50 million just disappeared like that. It hurts just looking at it. --- So the more cautious you are, the easier it is to fall into a trap. This logic is really f***ing ironic. --- I need to change my habit immediately. Never copy addresses from transaction records again. It's scary. --- These people's technical skills are truly impressive. Feels like they are more ruthless than most security teams. --- No wonder people say the crypto world can't be slack. One second of negligence and you're broke. --- Address poisoning is more excessive than direct hacker intrusion. It's completely unpreventable. --- Wait, even test transfers can be monitored? Does that mean all my small transactions are exposed? --- Really genius. I was just about to copy from transaction records before. Luckily, I didn't do it this time.

View OriginalReply0

gas_guzzler

· 3h ago

Damn, this method is brilliant. I need to change my transfer habits. --- I've fallen for the trap of copying addresses before; it's really hard to guard against. --- 50 million just disappeared, it hurts just thinking about it. --- So, small-scale testing is actually useless? What should I do then? --- Even veterans get caught, we retail investors need to be extra cautious. --- That's why I’ve never dared to move large amounts; being cautious is right. --- I feel safer just manually entering the address, even if it's slower. --- Toxic address tricks appear every year, so annoying. --- Testing actually becomes a signal that exposes the address, ironic. --- From now on, all transaction records should be treated as potential threats.

View OriginalReply0

MoonBoi42

· 3h ago

Damn, this technique is too brilliant, the details are terrifying --- So doing test transfers has instead become a signal light, handing knives to scammers --- 50 million just disappeared like that, oh my god, this is even worse than a rug pull on a contract --- I need to change the habit of copying addresses in the future, using manual input or QR codes, otherwise it's really hard to defend --- No wonder so many people ask in groups before large transfers, turns out the problem is so deep --- Address poisoning is such a killer move, it hits the wallet side's pain point, even veterans fall for it --- After reading, I broke out in cold sweat, feeling that my previous transfer operations were too casual

View OriginalReply0

MetaMasked

· 3h ago

This trick is really ruthless, I need to change my habits. --- Damn, copying the address requires some caution. --- 50 million gone just because I pressed copy, that's too extreme. --- Why are so many people watching our wallet? --- Small test transactions have become signals for scammers, it's terrifying when you think about it. --- From now on, I will manually input every time, no matter how annoying. --- The address poisoning tactic, even cautious people can't escape, it's really brilliant. --- Just to say why some veterans still fall for it, turns out the scheme has been set up long ago.

View OriginalReply0