- Trader loses $2.5 million in address poisoning scam.
- Incident underscores rising sophistication of phishing scams.
- No official statements from major crypto industry leaders.
Lede
A crypto trader suffered a $2.5 million USDT loss on May 26, 2025, due to falling victim to an address poisoning scam twice in one day.
Nutgraph
The incident highlights growing concerns about cryptocurrency security and the sophistication of phishing scams, as scammers increasingly exploit transaction history vulnerabilities.
Sections
Address Poisoning Scams
Address poisoning scams tricked a crypto trader into transferring millions to scammers using deceptive addresses. Blockchain firms Scam Sniffer and Cyvers reported the event but industry leaders remained largely silent. The first theft involved $843,000 USDT, quickly followed by an additional $1.7 million.
The primary impact centered around the USDT stablecoin, with transaction records revealing confusion between genuine and fake wallet addresses. Blockchain security firms noted the attack follows earlier phishing schemes targeting crypto users. Scam Sniffer linked this scam to previous transaction history attacks.
“This incident is a clear example of a Transaction History Poisoning attack, where scammers are able to contaminate transaction history with fake transfers.” — Scam Sniffer, Blockchain Security Firm
Growing Concerns
The incident caused concern within the cryptocurrency community over wallet security and vulnerability to address mimicry tactics. Firms like Scam Sniffer and SlowMist have outlined similar risks while recommending enhanced awareness to users. In historical context, a prior scam in 2023 involved a scammer stealing $20 million worth of USDT.
Address poisoning scams contribute to the $270 million worth of attacks observed in recent years, affecting BNB Chain and Ethereum. This event raises alarms about the effectiveness of current blockchain security measures, signaling a need for increased user education and improved security protocols.
