Whale loses $12.4 million due to Address Poisoning: A cautionary lesson for crypto investors

A wallet holding a large amount of ETH recently fell victim to a sophisticated Address Poisoning attack, when all 4,556 ETH (worth approximately $12.4 million USD) were mistakenly transferred into the scammer’s control. This incident is part of a series of carefully planned monitoring and address spoofing schemes that have been ongoing for over two months.

How Address Poisoning Works - A Lesson for Crypto Whales

This is not an attack targeting smart contracts or private key exposure. Instead, the attacker exploited a weakness in the victim’s wallet usage habits. The hacker patiently monitored transaction activity for 60 days, then created a fake wallet address that closely resembled the OTC address the target frequently received funds from.

This method is also known as the “Look-alike address attack” — creating an address with the same starting and ending characters, making it hard to distinguish at a quick glance. The attacker then continuously sent small transactions from the fake address to the victim’s wallet, aiming to make their address appear in the “Recent Transactions” list — where victims often copy addresses when transferring funds.

The Hacker’s Perfect Plan: 32 Hours of Decision

About 32 hours before the incident, the attacker launched a massive attack by repeatedly sending transactions from the fake address. This tactic aimed to push the spoofed address to the top of the recent transaction list, increasing the likelihood that the victim would select it.

When withdrawing funds, instead of carefully verifying or using a trusted address book, the victim copied the address from the transaction history because it looked familiar. Since the fake address was so similar to the real one, the victim failed to notice the difference and transferred all 4,556 ETH (which could be worth $9.61 million USD at current exchange rates) into the scammer’s hands.

Increasingly Sophisticated Attacks Targeting Whales

This is not an isolated incident. Just two months ago, a similar Address Poisoning attack caused another victim to lose up to $50 million USD. The rise of these attacks shows that hackers are targeting high-value wallets with meticulous preparation, rather than attacking at random.

Fraud groups have upgraded their techniques — from simply creating fake addresses to long-term monitoring, analyzing victim habits, and planning attacks during optimal time windows.

How to Protect Your Wallet and Assets

To avoid becoming a victim of Address Poisoning, you should follow these basic but crucial rules:

  • Never copy addresses from transaction history when making large transfers. Instead, save trusted addresses in your “Contacts” or “Trusted Addresses” section within your wallet.

  • Verify all characters before confirming a transaction, especially the first and last characters. A small mistake can lead to losing millions of USD.

  • Use the address book feature available in most Web3 wallet applications to store verified addresses.

  • For large transactions, perform a small test transaction first to confirm the address is correct.
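The address-book rule above can be enforced mechanically instead of by eye. The following is an added example, not code from the original article or from any wallet: it classifies a destination as trusted, look-alike or unknown, and counts look-alike senders in a transaction history. The addresses, the `edge` width of 4 characters and all function names are assumptions made for illustration; EIP-55 checksum validation is out of scope.

```python
import re

ADDRESS_RE = re.compile(r"0x[0-9a-fA-F]{40}")

def normalize(addr):
    """Return the lowercase form of a 20-byte hex address, or raise ValueError."""
    addr = addr.strip()
    if not ADDRESS_RE.fullmatch(addr):
        raise ValueError(f"not a 20-byte hex address: {addr!r}")
    return addr.lower()

def classify(dest, address_book, edge=4):
    """Return ("trusted", label), ("lookalike", label) or ("unknown", None)."""
    d = normalize(dest)
    hit = None
    for label, trusted in address_book.items():
        t = normalize(trusted)
        if d == t:
            return ("trusted", label)  # full 40-character match only
        # Same first and last `edge` hex characters but a different body:
        # the pattern a quick visual check does not catch.
        if d[2:2 + edge] == t[2:2 + edge] and d[-edge:] == t[-edge:]:
            hit = label
    return ("lookalike", hit) if hit is not None else ("unknown", None)

def poisoned_senders(history, address_book, edge=4):
    """Count inbound transfers per sender that imitates an address-book entry."""
    counts = {}
    for tx in history:
        if classify(tx["from"], address_book, edge)[0] == "lookalike":
            key = normalize(tx["from"])
            counts[key] = counts.get(key, 0) + 1
    return counts

# Constructed sample data (not real addresses).
OTC = "0xA1b2" + "11" * 16 + "C3d4"    # verified counterparty
FAKE = "0xa1B2" + "9f" * 16 + "c3D4"   # same edges, different middle
OTHER = "0x" + "7e" * 20               # unrelated sender
BOOK = {"OTC desk": OTC}
HISTORY = [{"from": a} for a in (FAKE, OTC, FAKE, OTHER)]

if __name__ == "__main__":
    for addr in (OTC, FAKE, OTHER):
        print(addr, classify(addr, BOOK))
    print(poisoned_senders(HISTORY, BOOK))
```

A "lookalike" verdict on a pending transfer, or a non-empty result from the history scan, is a signal to stop and re-verify the destination through a separate channel.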

This incident reminds all crypto investors, especially whales holding large assets, that you don’t need a complex hack or advanced technology to be targeted. Sometimes, the simplest tricks are the most effective if we are careless and complacent.
