A cryptocurrency trader suffered a staggering loss of approximately $50 million in USDT due to an address poisoning scam that took place on December 20, 2025. This alarming incident saw the victim unwittingly transferring 49,999,950 USDT to a fraudulent address, which had been cleverly disguised to appear legitimate by an attacker.
The entire theft unfolded in less than one hour, showcasing the speed and sophistication of modern scams in the cryptocurrency space. According to monitoring reports from SlowMist, the stolen funds were quickly converted into Ethereum, dispersed across various wallets, and partially laundered through Tornado Cash.
In an attempt to recover the stolen assets, the victim made an on-chain appeal, demanding the return of 98% of the funds within a 48-hour timeframe. Additionally, the trader offered a $1 million bounty as a white-hat reward to the attacker while also threatening legal action and involvement from international law enforcement.
The attack exploited a common vulnerability where the victim had recently withdrawn $50 million from Binance. Following best practices for security, the trader executed a small test transaction of 50 USDT to the intended recipient address. However, shortly after, the scammer injected a fraudulent address into the victim”s transaction history through a dust transaction, which involved sending a negligible amount of 0.005 USDT.
When the trader returned to make the full transfer, they copied what seemed to be the correct address from their recent transactions. The fraudulent address cleverly matched the legitimate one in the first three and last four characters, deceiving the victim. The fraudulent wallet had been active on-chain for around two years, primarily engaging in USDT transactions.
On-chain analysis suggests that the attackers were monitoring the movements of high-value wallets, waiting for significant transfers to execute their scheme. This incident reflects a broader trend of address poisoning attacks, which have reached a staggering total of $3.4 billion in confirmed losses throughout 2025. Over 158,000 personal wallets have been compromised, affecting around 80,000 unique victims.
September 2025 alone recorded 32,290 suspicious poisoning events across various blockchain networks, impacting 6,516 unique victims. Researchers have identified more than 270 million attempted poisoning incidents across Ethereum and the Binance Smart Chain. Confirmed losses attributed to these fraudulent techniques now exceed $83.8 million, marking a significant threat to the security of the cryptocurrency ecosystem.
Scammers are increasingly sophisticated, closely monitoring blockchain activity for high-value transfers and then promptly injecting poisoned addresses that appear in victims” transaction histories at critical moments. This highlights the urgent need for enhanced security measures and user vigilance in the ever-evolving landscape of cryptocurrency.
