Trader Falls Victim to Address Poisoning, Loses $68M WBTC

Trader Falls Victim to Address Poisoning, Loses $68 Million WBTC

Exploits

May 03, 2024

Key Takeaways

A trader lost $68 million in WBTC due to an address poisoning scam, where they sent funds to a fraudulent address;
The massive loss, disclosed by Cyvers, accounted for over 97% of the trader's holdings, totaling around $67.8 million;
In the scam, a small transaction from a similar-looking address tricked the trader into using it for a large transfer.

An unidentified trader was deceived in an address poisoning attack.

The attack resulted in the victim losing 1,155 Wrapped Bitcoin (WBTC), worth around $68 million.

How to Buy Crypto SAFELY With a Credit Card (Animated)

Did you know?

Want to get smarter & wealthier with crypto?

Subscribe - We publish new crypto explainer videos every week!

This incident was disclosed by the Web3 security firm Cyvers in a recent social media post.

In this scam, known as address poisoning, the trader—identified only by the wallet ID "0x1E"—was tricked into sending a massive amount of WBTC to a fraudulent address.

This error led to the loss of over 97% of their total holdings, amounting to approximately $67.8 million.

In an address poisoning scam, a cybercriminal makes a crypto address similar to the victim's, often matching the initial and final characters.

The scammer then sends a small transaction to the victim's wallet. The goal is for the victim, not paying close attention, to mistakenly copy this fraudulent address from their transaction history and use it in their next transactions.

The theft highlights a need for heightened security measures and carefulness when making digital transactions, emphasizing how advanced and deceptive fraud schemes have become in targeting digital assets.

For example, the North Korean hacker group Lazarus has started stealing crypto by posing as job-seeking blockchain developers on LinkedIn and launching malware attacks.