Crypto User Loses $500K USDT in Ethereum Address Poisoning Scam
Key Highlights A crypto user lost over $500,000 in USDT after mistakenly sending funds to a poisoned Ethereum address that closely mimicked the real one. The scam exploited transaction history copying, with...
Key Highlights
- A crypto user lost over $500,000 in USDT after mistakenly sending funds to a poisoned Ethereum address that closely mimicked the real one.
- The scam exploited transaction history copying, with the victim sending a small test transfer before a much larger onchain payment.
- The incident highlights ongoing risks of address poisoning scams, which have caused multi-million-dollar losses in recent months.
A crypto user has lost more than $500,000 worth of USDT after falling victim to an address poisoning attack on the Ethereum blockchain, highlighting once again how simple mistakes can lead to massive losses in onchain transactions.
The incident was detected at 14:01 UTC, with blockchain security firm CyversAlerts publicly flagging it shortly after at 14:34 UTC. It is among the first reported address poisoning cases of 2026, underlining that this type of scam remains a persistent threat despite growing awareness in the crypto space.
— 🚨 Cyvers Alerts 🚨 (@CyversAlerts) January 16, 2026🚨ALERT🚨Our systems detected a $509K $USDT
address poisoning attack around 24 min ago.The victim initially sent 5K $USDT, unaware that the receiver address belonged to a scammer. The victim intended to send the funds to 0xe842….D3E6F, but mistakenly sent to 0xe842….f3e6F.… pic.twitter.com/bWI1vnLWHS
How the $500,000 address poisoning attack unfolded
According to CyversAlerts, the victim initially sent a test transaction of 5,000 USDT to what they believed was the correct wallet address. The address appeared familiar because it closely resembled the intended recipient, ending in D3E6F.
The address was however under control of a scammer and it was slightly different in the middle character details which are normally hidden or abbreviated in wallet interfaces.
Only two minutes later, the victim made a bulk transfer of 509,000 USDT to the same poisoned address after the test transfer had succeeded. Overall, the victim had lost about $514,000.
Transaction history manipulation
The attack timeline indicates that the scammer had prepared in detail long before the attack. The attacker initially sent several small payments using similar looking addresses to the wallet of the victim, intentionally contaminating the history of transactions.
The victim had copied the address of the previous transactions believing it to be legit, thus choosing the wallet of the scammer as opposed to the real wallet. The money was effectively lost once it was committed on-chain.
Address poisoning attacks take advantage of such habits as copying wallet addresses on the transaction history and not checking them character by character.
A growing pattern of high-value crypto losses
This event is preceded by a significantly bigger address poisoning incident in December 2025, when an experienced trader lost almost half a million dollars in USDT in one transaction.
— Web3 Antivirus (@web3_antivirus) December 19, 2025How to lose $50M in under an hour. This is one of the largest on-chain scam losses we’ve seen recently.
A single victim lost $50M in $USDT to an address poisoning scam. The funds had arrived less than 1h earlier.
The user first sent a small test tx to the correct address. Mins… pic.twitter.com/Umsr8oTcXC
In such a scenario, the attacker would have used an address that resembled the first three and last four characters of the legitimate wallet which would seem genuine at first sight.
The victim had already made a valid test transfer but then copied a tainted address in the history of transfers when making the full transfer. The attacker soon transferred the money to ETH and laundered it through several wallets, and eventually laundered some of the assets through Tornado Cash, making the trail go cold.
The risk of familiarity for crypto users
The importance of addressing poisoning scams is that they do not depend on hacking smart contracts or using protocols. Rather, they are user behavioral directed.
The risk exposure of both retail users and professional traders is rising as crypto usage continues to rise and the number of transactions of the stablecoins such as USDT is high daily.
The latest cases, such as a crypto giveaway scam that took advantage of the official communication channels of Betterment, demonstrate how scammers are changing.
They are becoming more and more dependent on the credibility of trusted platforms, familiar interfaces, and technical tricks to earn credibility. To the wider crypto community, such incidents drive a bitter truth: blockchain transactions are permanent.
Even seasoned users may commit expensive mistakes and once money is transferred onchain, it is hard to retrieve. With the trading activity still at its peak, these scams are still a major threat to the market participants, and this is why more protection to the user and vigilance is of utmost importance.
Also Read: Prince Group’s Chen Zhi Arrested Over $15B Crypto Scam Network
Delegate Your Voting Power to FEED DRep in Cardano Governance.
DRep ID: drep12ukt4ctzmtf6l5rj76cddgf3dvuy0lfz7uky08jfvgr9ugaapz4 | We are driven to register as a DRep by our deep dedication to the Cardano ecosystem and our aspiration to take an active role in its development, ensuring that its progress stays true to the principles of decentralization, security, and community empowerment.DELEGATE VOTING POWER!
