A user lost nearly $50 million in USDt after copying a poisoned wallet address from transaction history, illustrating how subtle address spoofing can deceive even experienced crypto enthusiasts. This incident highlights the risks associated with address poisoning scams, where scammers insert look-alike wallet addresses into a victim’s transaction history via small transfers. When the victim later attempts to copy an address, they may unknowingly select the scammer's address instead of their intended recipient.

Onchain investigator Web3 Antivirus reported that the victim initially sent a small test transaction to the correct address. However, mere minutes later, they transferred nearly $50 million to the malicious wallet. This single transaction error represents one of the largest onchain losses observed this year.

Security researcher Cos, founder of SlowMist, pointed out that the similarity between the legitimate and malicious addresses was subtle. The first three characters and the last four characters matched, creating a perfect opportunity for deception. The victim's wallet had been in use for about two years, primarily for USDt transactions, and was actively managed at the time of the incident. Just before the loss, funds were withdrawn from Binance, indicating that the user was likely engaged in transactions.

The brutal reality of address poisoning lies in its exploitation of human habits rather than technological vulnerabilities. Attackers have since swapped the stolen USDt for Ether (ETH), dispersing the funds across multiple wallets, with a portion moved into Tornado Cash to obscure the transaction trail.

In a broader context, crypto-related hacks have surged, resulting in $3.4 billion in losses in 2025 alone. This marks the highest annual total since 2022, driven by significant breaches targeting major crypto entities. Remarkably, just three incidents accounted for 69% of total losses this year, with the $1.4 billion hack of crypto exchange Bybit being the most notable.

As the landscape of cryptocurrency continues to evolve, so do the tactics employed by scammers. Users must remain vigilant and double-check wallet addresses, even when they seem familiar. This incident serves as a cautionary tale for the crypto community, emphasizing the need for heightened awareness and security measures to prevent such devastating losses in the future.