A cryptocurrency user has lost nearly $50 million due to a costly mistake caused by copying a spoofed address and trusting visual similarity. According to the Lookonchain update, the victim copied the wrong wallet address when he made the crypto transfer.

How attacker exploited "common mistake"

Notably, the victim had done a test run of $50 to his address, which allowed the scammer to spoof the wallet. The exploiter used the same first and last four characters to perform a "poison attack."

The attack exploited common wallet interfaces that shorten addresses for easy readability.

The spoofed address, which the attacker created, was what the victim mistakenly copied and proceeded to transfer the remaining full $49,999,950. The trap that the attacker set worked, leading to the loss of the funds, as blockchain transactions are irreversible.

A victim (0xcB80) lost $50M due to a copy-paste address mistake.

Before transferring 50M $USDT, the victim sent 50 $USDT as a test to his own address 0xbaf4b1aF...B6495F8b5.

The scammer immediately spoofed a wallet with the same first and last 4 characters and performed an… pic.twitter.com/eGEx2oHiwA

This incident emphasizes the need for users to always verify the full address, not just the first and last sets of characters. This is because address poisoning scams have increased significantly in 2025, with malicious attackers looking to exploit any mistakes made by wallet owners.

Experts have always advised against "copy and paste" of addresses from one’s transaction history for convenience.

Such a move could lead to lifting a spoofed address and sending the funds to a different location. Hence, users are cautioned to always pause and verify all transfers at least twice, particularly those involving large sums.

Can collaborative effort curb online exploits?

Some members of the online community have advocated that the crypto sector should normalize smart contracts and whitelist addresses. They also canvassed the need for more awareness campaigns that would constantly educate users about this vulnerability.

You Might Also Like
Sat, 12/20/2025 - 10:33 XRP to $2? But 42% Volume Drop Threatens Next MoveByTomiwabold Olajide

Earlier in May 2025, leading exchange Coinbase teamed up with law enforcement authorities to prevent spoofing schemes meant to manipulate the market. As highlighted by Coinbase’s Chief Legal Officer Paul Grewal, the spoofing scheme was led by one Chirag Tomar, who had stolen over $20 million from users.

Tomar impersonated the Coinbase exchange and sent fake emails to unsuspecting users and faked official communication to defraud victims. The incident shows the power of collaborative efforts in tackling scams in the crypto industry.

Generally, these malicious actors look for ways to exploit legitimate offers and clone them to trick users.

It might explain the reason Binance, in its recent Dubai event, issued a crucial update to users. It cautioned users against clicking on any link that is not the official Binance Live broadcast channel. The advice was to protect them from falling prey to malicious attackers.

免责声明：本文章仅代表作者个人观点，不代表本平台的立场和观点。本文章仅供信息分享，不构成对任何人的任何投资建议。用户与作者之间的任何争议，与本平台无关。如网页中刊载的文章或图片涉及侵权，请提供相关的权利证明和身份证明发送邮件到support@aicoin.com，本平台相关工作人员将会进行核查。