Crypto Trader Loses $12.4M in Sophisticated Address Poisoning Scam

Jan 31, 2026, 12:27 p.m. 7 sources negative

Key takeaways:

  • Address poisoning scams exploit user complacency, highlighting critical need for wallet verification protocols.
  • High-value thefts like this $12.4M loss could pressure exchanges and services to enforce stricter address validation.
  • The recurrence of similar large-scale scams indicates a structural security weakness, not just isolated user error.
ETH ETH $2076.69 -2.52%

A cryptocurrency trader suffered a devastating loss of 4,556 ETH (approximately $12.4 million) after falling victim to an elaborate address poisoning scam. The attack exploited a common user behavior: copying wallet addresses from transaction history.

The scammer generated a fake wallet address that shared the same first and last four characters as the legitimate deposit address for Galaxy Digital, a prominent crypto investment firm. To make the fake address appear in the victim's transaction history, the attacker sent multiple tiny "dust" transactions to the victim's wallet (0xd674).

When the trader, who frequently transferred funds to Galaxy Digital via the legitimate address (0x6D90CC...dD2E48), went to execute a transaction, he copied what he believed was the correct address from his history. Without verifying the full address string, he initiated the transfer, sending the entire 4,556 ETH balance to the attacker's "poisoned" address. The attacker swiftly swept the funds, leaving only 6.8 ETH remaining in the victim's wallet.

Blockchain analytics platform Lookonchain first reported the incident on January 31, 2026, highlighting the copy-paste error that enabled the multi-million dollar theft. This event underscores a growing trend of address poisoning attacks, where hackers rely on user complacency and the visual similarity of addresses.

The incident has sparked warnings from the community about the critical importance of security practices. Experts and users advise against copying addresses from transaction history, recommending instead the use of verified address books or Ethereum Name Service (ENS) domains. Some, like user Mark Huber, suggest sending large sums in smaller batches to mitigate potential total loss.

This is not an isolated case. The report references a similar, even larger incident in December 2025, where a user lost $50 million after copying a spoofed address. In that instance, the attacker used a small, successful test transaction of $50 to establish legitimacy before the victim sent the remaining $49,999,950.

ETH ETH Ethereum $2076.69 -2.52%
Negative sentiment from high-profile security breach may temporarily dampen retail confidence, but no fundamental impact on Ethereum's network value or institutional adoption.
Sources
Trader Loses $12.4M in Address Poisoning Scam
coinpedia.org 31.01.2026 11:17
Scam Alert: Ethereum Whales Lose Millions to Copy-Paste Error
u.today 31.01.2026 11:57
$12.4M Gone: Ethereum Whale Tricked by Fake Galaxy Address
www.livebitcoinnews.com 31.01.2026 12:28
Top Today
4 hour ago 5 sources
Tim Draper Predicts Bitcoin Adoption Surge as Fiat Trust Falters; Druckenmiller Bets on Stablecoin Revolution
BTC BTC $70760.00 -2.26%
6 hour ago 5 sources
Bitcoin Miners' AI Pivot Could Unleash 80,000 BTC Supply Overhang, Warns Lekker Capital CIO
BTC BTC $70760.00 -2.26%
11 hour ago 6 sources
Michael Saylor Defends Bitcoin After Boris Johnson Labels It a 'Giant Ponzi Scheme'
BTC BTC $70760.00 -2.26%
yesterday / 23:35 8 sources
Federal Appeals Court Rejects Custodia's Final Appeal as Fed Opens 'Skinny' Master Account Path for Crypto Firms
yesterday / 22:55 5 sources
Bitcoin Whales Resume Accumulation Amid Record-Low Exchange Reserves and Surging User Growth
BTC BTC $70760.00 -2.26%
yesterday / 20:44 5 sources
DeepSnitch AI Presale Nears Close Amid Contrasting Outlooks for Meme Coins Pepe and Pepeto
DSNT
PEPETO
PEPE PEPE $0.000003345 -7.05%
yesterday / 18:36 7 sources
Shiba Inu Burn Rate Surges 45% Amid Price Rebound and Supply Debate
SHIB SHIB $0.000005888 -4.74%
Disclaimer

The content on this website is provided for information purposes only and does not constitute investment advice, an offer, or professional consultation. Crypto assets are high-risk and volatile — you may lose all funds. Some materials may include summaries and links to third-party sources; we are not responsible for their content or accuracy. Any decisions you make are at your own risk. Coinalertnews recommends independently verifying information and consulting with a professional before making any financial decisions based on this content.