A crypto consumer misplaced almost $50 million in USDT to an tackle poisoning rip-off after copying a fraudulent pockets tackle from their transaction historical past, in line with blockchain safety agency SlowMist.
The sufferer transferred 49,999,950 USDT to an attacker-controlled tackle that intently mimicked their meant vacation spot, with matching first three and final 4 characters.
The stolen funds have been shortly transformed to ETH, distributed throughout a number of wallets, and partially funneled via Twister Money mixer.
Based on the safety particulars, the sufferer’s pockets had been energetic for about 2 years and was primarily used for USDT transfers, with the compromised funds withdrawn from Binance shortly earlier than the poisoned switch.
这位玩家遭遇首尾号相似地址投毒,损失近 5000 万 USDT…
玩家地址:
0xcB80784ef74C98A89b6Ab8D96ebE890859600819
投毒地址:
0xBaFF2F13638C04B10F8119760B2D2aE86b08f8b5
玩家期望中的地址:
0xbaf4b1aF7E3B560d937DA0458514552B6495F8b5
// 可以看到首 3 字符尾 4 字符一样
玩家转 49,999,950… https://t.co/NJiZmmia1W— Cos(余弦)
(@evilcos) December 20, 2025
Crypto Scams Hit $90 Billion
The incident got here up within the midst of a broader safety disaster gripping the cryptocurrency business, which has now misplaced almost $90 billion to hacks and exploits since its inception.
November alone noticed over $276 million stolen, pushing 2025 losses past $9.1 billion, which means roughly 10% of all historic crypto losses have occurred throughout the previous 12 months.
Mitchell Amador, CEO of Immunefi, warned that the risk panorama is basically shifting.
“The risk panorama is shifting from onchain code vulnerabilities to operational safety and treasury-level assaults,” he advised Cryptonews. “As code hardens, attackers goal the human component.”
Regardless of 2025 being the worst 12 months for hacks on file, Amador emphasised these losses stem from operational failures slightly than sensible contract vulnerabilities.
“Whereas 2025 was the worst 12 months for hacks on file, these losses have been pushed primarily by conventional Web2 infrastructure failures and operational safety breakdowns, not onchain code,” he defined.
FBI Reviews $9.3 Billion Misplaced to Funding Fraud
People misplaced roughly $9.3 billion to crypto funding schemes in 2024, marking a 66% improve from the earlier 12 months, in line with FBI information.
Pig-butchering scams contributed over $9.9 billion globally, with Chainalysis information exhibiting exercise surged almost 40% in 2024.
U.S. Senators Elissa Slotkin and Jerry Moran launched the SAFE Crypto Act, which proposes a federal activity drive to coordinate authorities businesses, regulation enforcement, and private-sector consultants to fight crypto-related fraud.
The laws requires approved stablecoin issuers to keep up technical capabilities to freeze or seize digital property tied to criminality.
After $9.3B misplaced to crypto scams like pig butchering, U.S. lawmakers unveil the bipartisan SAFE Crypto Act, making a federal activity drive to combat fraud.#CryptoScam #CryptoRegulationhttps://t.co/kG6oDWQVCC
— Cryptonews.com (@cryptonews) December 17, 2025
Enforcement actions have intensified, with U.S. authorities saying the biggest crypto seizure ever in October, focusing on Cambodia-based Prince Holding Group.
Tether additionally froze almost $50 million in USDT linked to Southeast Asia pig-butchering rings, whereas Binance prevented 7.5 million customers from shedding nearly $10 billion to fraud between December 2022 and Could 2025.
Human Issue Turns into Major Assault Vector
Past refined scams, malware assaults proceed draining wallets, with a Singapore entrepreneur shedding over $100,000 after downloading malicious software program disguised as a game-testing program.
A separate multisignature pockets breach earlier this month resulted in roughly $27.3 million being stolen via personal key compromise, with attackers laundering roughly $12.6 million via Twister Money.
Amador argued the business should basically restructure its safety method.
“Securing code isn’t sufficient if customers and operators stay weak,” he stated.
“Web3 firms want to speculate much more in human-layer safety, and this implies coaching groups, tightening operational controls, and immediately educating customers on how you can spot rip-off messages, acknowledge social engineering makes an attempt, and defend their property onchain.“
He famous that 99% of Web3 tasks function with out primary firewalls, whereas fewer than 10% deploy fashionable AI-driven safety instruments.
“Most hacks this 12 months haven’t occurred resulting from poor audits,” Amador defined. “They’ve occurred after launch, throughout protocol upgrades, or via integration vulnerabilities—blind spots that audits alone can’t catch.“
Regardless of the escalating losses, Amador maintained optimism about onchain code safety, predicting that 2026 would be the greatest 12 months but for sensible contract security because the business continues to harden its technical infrastructure.
The submit Tackle Poisoning Rip-off: One Copy-Paste Mistake Value a Crypto Dealer $50 Million appeared first on Cryptonews.