Crypto User Loses $50 Million USDT in Address-Poisoning Scam

Highlights:

• A minor copy-paste mistake caused a cryptocurrency user to lose $50 million.
• Scammers exploited hidden wallet characters and redirected 50 million USDT to their wallet.
• The attacker converted stolen USDT into Ether and partially moved funds through Tornado Cash.

A cryptocurrency user suffered a staggering loss of $50 million in USDT due to a minor copy-paste mistake. According to blockchain analytics platform Lookonchain, the victim fell prey to an address-poisoning scam when attempting to transfer 50 million USDT.

Initially, the victim had tested the transfer by sending 50 USDT to his own wallet, 0xbaf4b…95F8b5, before completing the full transaction. However, this small precaution backfired when a scammer spoofed a wallet address using the same first and last four characters. The attacker successfully exploited the common practice of hiding the middle characters of wallet addresses.

Consequently, the full 50 million USDT meant for the victim’s wallet was redirected to the scammer. This incident shows how even small mistakes can cause massive financial losses in the cryptocurrency world.

Attacker Converts Stolen USDT Into Ether and Distributes Funds Across Multiple Wallets

Onchain analysis showed that the victim actively used their wallet for roughly two years, mainly for USDT transfers. The owner recently withdrew funds from Binance, showing they managed the wallet at the time of the incident. An onchain analyst wrote, “This is the brutal reality of address poisoning, an attack that doesn’t rely on breaking systems, but on exploiting human habits.” The attacker converted the stolen USDT into Ether (ETH), now valued at $2,974, and distributed it across multiple wallets. They also partially moved some funds into Tornado Cash.

User Error Highlights Risks of Misaddressed Crypto Transactions

Mistakes in wallet addresses are also seen in other cryptocurrencies, including USDT. In April, a Bitcoin Ordinal, a kind of non-fungible token, got mistakenly transferred to the usual Bitcoin deposit address of Binance. Despite Binance’s advice that users should transfer the usual Bitcoin, the event resulted in a conflict and widespread criticism on social media. The Bitcoin Ordinal resurfaced on the Magic Eden platform, and users blamed the platform for theft and mismanagement.

These events show why caution is crucial when handling crypto transactions. Therefore, always check wallet addresses carefully and avoid quick copy-paste shortcuts to prevent major financial losses. Human mistakes remain a major vulnerability, and scammers often exploit them, since technology alone cannot stop all errors.

For example, the Brooklyn District Attorney’s Office recently charged a man with pretending to be a Coinbase representative. He convinced victims their accounts were at risk, making them transfer nearly $16 million to wallets he controlled. Coinbase confirmed that it cooperated with law enforcement in this case. It stated, “Crypto scams aren’t anon. Coinbase is committed to working with law enforcement to trace funds, support victims, and pursue accountability.” 

This incident reflects a rising trend in cryptocurrency theft. Blockchain analytics firm Chainalysis reported $3.41 billion stolen between January and early December. This exceeds the $3.38 billion stolen. The $1.5 billion Bybit hack alone made up 44% of the total. The three biggest attacks caused 69% of all losses in crypto services.