The price of “speed and convenience” in the cryptocurrency space could be as high as $12.4 million. An Ethereum (ETH) holder and regular crypto user just found that out as he lost 4,556 ETH valued at over $12.4 million after he accidentally transferred the asset to an attacker’s poison address.
How copy-paste error enabled $12.4 million attack
Lookonchain update explained that the attacker generated a fake address containing the first and last four characters of the Galaxy Digital’s real deposit recipient. The attacker proceeded to send tiny “dust” transactions to the victim’s wallet.
The goal was to simulate a fake or poison address in the victim’s transaction history. The goal of the malicious actor was to make the address look legitimate and familiar to the victim. The attacker was relying on the victim not paying close attention to details, given the similarity in the address.
The user, likely out of convenience and the need to quickly execute the transaction, opened his transaction history and copied what he thought was Galaxy Digital’s address. Given that it is a transaction he performs on a regular basis, he thought nothing of it and did not double-check the entire address.
This “copy and paste error” has cost the user $12.4 million as he sent the entire 4,556 ETH to the hacker’s address.
The poison address form of scam attacks is gaining traction in the crypto space as hackers rely on users not painstakingly checking addresses. In December 2025, another user lost $50 million after they copied a spoofed address due to visual similarity.
Interestingly, with this user, he had done a test run with $50 to his address, and it was this trial that the malicious hacker used to spoof the wallet as a trap. Unfortunately, the user fell victim to transferring the remaining $49,999,950 to the hacker.
Users warned to watch out for address poisoning scams
The frequency of these attacks calls for more vigilance in the crypto space. Users need to stop copying addresses from transaction history. They also must verify the entire address, not just the first and last four characters, which could be a poisoned address.
One user, Mark Huber, while reacting to the loss, stated that he always prioritizes safety over convenience when making transactions. Huber claimed that if he were to send $12 million, he would probably send it in batches of $100,000 at a time.
The idea is to avoid losing the entire funds in a single transaction. Others have advised the use of the ENS domain or address book to avoid such losses.
Disclaimer: The information on this page may come from third parties and does not represent the views or opinions of Gate. The content displayed on this page is for reference only and does not constitute any financial, investment, or legal advice. Gate does not guarantee the accuracy or completeness of the information and shall not be liable for any losses arising from the use of this information. Virtual asset investments carry high risks and are subject to significant price volatility. You may lose all of your invested principal. Please fully understand the relevant risks and make prudent decisions based on your own financial situation and risk tolerance. For details, please refer to
Disclaimer.
Gerelateerde artikelen
Ronin 宣布 5 月 12 日遷移至以太坊 L2,主網停機約 10 小時
根據 Decrypt 4 月 23 日報道,遊戲區塊鏈 Ronin 的開發商 Sky Mavis 宣布,Ronin 將於 5 月 12 日從以太坊側鏈遷移至以太坊 Layer 2,採用 OP Stack 技術架構;遷移期間主網將於美國東部時間上午 11 點至晚上 9 點停機約 10 小時。
MarketWhisper12m geleden
Gold and Silver Slip Slightly, Oil Rises; Bitcoin and Ethereum Volatility Indices Decline
Gate News message, April 23 — Gold prices fell to $4,731.95 per ounce with a daily decline of 0.18%, while silver dropped to $77.585 per ounce, down 0.13% intraday. Bitcoin volatility index (BVIX) stood at 43.64, declining 1.80%, and Ethereum volatility index (EVIX) reached 63.90, down 5.19%.
In
GateNews17m geleden
Kelp DAO Attacker Converts Majority of 75,700 ETH to BTC via THORChain
The Kelp DAO attacker converted around 75,700 ETH (about $175M) to Bitcoin via THORChain, producing $800M in trading volume and $910,000 in THORChain fees.
Abstract: The report notes that the Kelp DAO attacker moved the majority of 75,700 ETH (roughly $175M) into Bitcoin using THORChain’s cross-chain swap. The swap generated about $800 million in trading volume and roughly $910,000 in THORChain fees, illustrating the liquidity and revenue implications of cross-chain activity during an exploit.
GateNews56m geleden
Ronin Blockchain to Migrate to Ethereum Layer 2 on May 12, with 10-Hour Mainnet Downtime
Gate News message, April 23 — Ronin, a gaming blockchain, will migrate from an Ethereum sidechain to Ethereum Layer 2 on May 12. The migration will be triggered at block height 55,577,490 and will transition Ronin to OP Stack. The mainnet will experience approximately 10 hours of downtime, from 11 a
GateNews1u geleden
ether.fi's Liquid ETH Vault Now Accepts aWETH Deposits for Aave Users
Gate News message, April 23 — ether.fi announced that its Liquid ETH vault now accepts aWETH deposits, providing an exit option for users facing liquidity constraints on Aave.
The Liquid ETH vault does not hold WETH exposure to Aave, according to the
GateNews1u geleden
Newly Created Address Withdraws 4,000 ETH Worth $9.59M from Major CEX
Gate News message, April 23 — According to Onchain Lens, a newly created address (0x66e...5b6b) withdrew 4,000 ETH, valued at approximately $9.59 million, from a major CEX.
The tokens were transferred to the address earlier
GateNews1u geleden
