Bitcoin Trader Loses Nearly $70 Million Through Address Poisoning Scam
A cryptocurrency trader lost around $70 million worth of Wrapped Bitcoin (WBTC) through an “address poisoning” scam on May 3. The assets were converted into Ethereum (ETH) and distributed into 400 crypto wallets just a few days later.
According to CoinDesk, multiple blockchain security firms have already confirmed the fraud and the transactions related to this case.
The scammer, imitating a previous transaction, made a 0.05 ether (ETH) transaction to the victim, from a similar wallet address, confusing the trader and tricking them into sending 1,155 WBTC—97% of their assets— to the fake address. The strategy fits perfectly into the modus operandi of this type of scam described by Transak, the Web3 trading platform.
“Scammers make a crypto address that looks almost like yours. They send a small amount to your wallet, hoping you’ll accidentally use their address for your next big transaction.”
Certifik, the blockchain security firm, shared an image and information of the transaction on X through its alerts account CertiK Alert.
“Our system has detected a transfer of 1,155 WBTC (~$69.3m) to an address linked to address poisoning. EOA 0xd9A1 mimicked a transfer of 0.05 ETH which led the victim to send the funds to the wrong address.”
A research team from the blockchain security firm SlowMist is currently investigating the case and shared a report on Medium. The investigation reveals that the hacker generated a transfer address that was identical to the victim’s actual one in the first four and last six digits.
The day after making the transaction the victim wrote to the scammer on the blockchain.
“You’ve won, brother. You can keep 10% and return the 90%. We can act like nothing happened. We both know $7 million is enough to live very comfortably, but $70 million will keep you up at night,” they said, according to the Medium report.
The victim sent more messages to the hacker but didn’t get a response. The hacker turned the stolen WBTC into ETH and waited six days to transfer the money into approximately 400 crypto wallets, making it harder for anyone to trace the assets.
The investigations continue, but there are no guarantees that the victim will get their money back. Amid the current crypto market turbulence, users must stay vigilant, informed, and extremely careful when transferring funds.
