A crypto user has lost over $500,000 in USDT after falling victim to an address poisoning attack on the Ethereum blockchain. The attack was detected around 14:01 UTC on January 16, 2026, and was reported by the web3 security platform CyversAlerts at 14:34 UTC.
The $514,000 address poisoning scam unfolded when the victim first sent a test transaction of 5,000 USDT to an address ending in D3E6F, which they believed was legitimate. This address was, in fact, a poisoned fake monitored by the scammer, subtly mimicking the intended recipient's address which ended in f3e6F. Two minutes after the test, the victim sent a bulk transfer of 509,000 USDT to the same fraudulent address, resulting in a total loss of $514,000. The scammer had prepared by sending multiple small transactions from various similar addresses to poison the victim's transaction history, tricking them into copying the fake address.
This incident follows a massive $50 million address poisoning loss in December 2025, where a seasoned trader transferred 49,999,950 USDT to an attacker-controlled address that closely mimicked the intended destination. The scammer quickly converted the stolen USDT to ETH, distributed it across multiple wallets, and partially laundered it through the Tornado Cash mixer. The victim had sent a successful test transaction to the correct address, leading them to not double-check when pasting the address from their history for the bulk transfer.
In a separate but equally staggering incident, on-chain investigator ZachXBT revealed a $282 million theft of Bitcoin and Litecoin via a hardware wallet scam on January 10, 2026, around 11 p.m. UTC. The victim lost approximately 1,459 BTC and 2.05 million LTC. This was not a technical exploit but a successful social engineering attack, where the victim was tricked into giving up access or approving a malicious transaction.
The attacker began converting the stolen BTC and LTC into Monero (XMR) through instant exchanges, an action ZachXBT suggested contributed to a sharp increase in XMR's price as the market absorbed the flow. The attacker also bridged BTC to other networks including Ethereum, Ripple, and Litecoin using Thorchain. At the time of the theft, Litecoin was trading around $74.57 and Bitcoin near $95,512.
These incidents underscore a critical vulnerability in crypto security: the human element. While technical exploits persist, user error and sophisticated social engineering remain highly effective attack vectors. Security firm PeckShield noted that while total exploit losses fell to about $76 million in December 2025 from $194.3 million in November, incident activity remained elevated.
