Despite tightening security measures in the crypto world, new scams and hacks keep emerging. Now, scammers and hackers don't just exploit smart contract weaknesses, but also human error.
This is what happened on Friday, 19/12/2025 when an unknown crypto holder lost $50 million in USDT after an address poisoning scam.
Address poisoning is a type of scam that manipulates the human psyche and behavior, rather than attacking blockchain technology. Scammers send small amounts of funds from crypto wallets with addresses that are deliberately made to resemble those frequently used by the victim. Usually, the first and last few characters are made to be the exact same, so that victims do not suspect the wallet’s validity.
Then, the scammer uses the TransferFrom function in the USDT smart contract to trigger a $0.00 transfer (or a small amount of transfer) from the victim's wallet to their fake wallet.
As a result, this fake wallet address appears in the victim’s transaction history. The victim is now more likely to trust this address. The next time the victim copies this fake address, they will send assets to it, resulting in the loss of funds.
This is the method used to steal $50 million of USDT from a holder. The attack was reported by Web3 Antivirus, a Web3 security firm. Through a social media post, Web3 Antivirus called this scam “one of the largest on-chain losses recently.”
On-chain data shows that the victim initially sent a small amount of test funds to the correct address. However, a few minutes later, $50 million USDT was sent to a fake address.
In this case, the first three characters and the last four characters of the real and fake wallets were exactly the same, so at first glance, nothing seemed suspicious.
The stolen funds were then immediately converted to Ether (ETH) and distributed across various wallets.
This case serves as a reminder to investors that one of the greatest risks in the crypto world is human error.
Reports of exchange hacks are rampant, but silent attacks that target an investor’s habits are just as dangerous.
Many crypto users still only glance at their wallet addresses, especially if they are used to making large transfers. However, it is this sense of trust that attackers exploit.
This case should not discourage crypto holders from self-custody. However, you must be more careful and thorough when conducting transactions.
First, don't rely entirely on your transaction history. Always save trusted wallet addresses in your contact list instead of copying and pasting addresses from your transaction history.
Second, make sure to read the entire wallet address before making a transaction. Check each letter and number in the wallet address to ensure everything is correct. This may take time, but the effort is worth it to prevent losing a large amount of assets.
Finally, send a small amount of assets to test an address. This is important when sending to a new wallet address or sending large amounts of assets.
Address poisoning is one of many types of scams that exploit the human psyche. Learn about other types of scams and become a more vigilant crypto holder in the article What is a Scam? A Complete Guide to Digital & Cryptocurrency Fraud.
