An investor lost approximately 50 million dollars worth of USDT to scammers due to a small address check error made during the copy-paste.
According to an incident shared by Lookonchain, which analyzes blockchain data, a user with the address 0xcB80 made a test transfer as usual before sending 50 million USDT. The investor thought they checked the address by sending 50 USDT to their own wallet in the initial stage, and this address appeared in the transaction history.
However, it was at this point that the scammers intervened. The attackers created a fake wallet with the same first and last four digits as soon as the user saw the test transaction. This method is known in the crypto world as address poisoning. The fact that many wallet interfaces hide the middle part of the address with three dots makes these types of attacks even more effective.
How do these attacks work?
In this incident, the victim copied the address from the transaction history again and only checked the first and last characters. As a result, the remaining 49,999,950 USDT was sent directly to the fake address controlled by the scammer. Since the transaction was confirmed on the blockchain, there was no possibility of a return.
Experts point out that such cases are particularly frequent in large transfers. It is crucial to check the entire address in crypto transfers, use a whitelist if possible, and avoid copying addresses from transaction history. Otherwise, a single mistake can lead to a loss of millions of dollars.
Stay tuned for new developments
