In one of the most dramatic examples of a crypto phishing scam this year, a cryptocurrency trader lost 49,999,950 USDT (nearly $50 million) after inadvertently sending funds to a scammer’s wallet — all because of a single copy-paste error.
The attack exploited a subtle but extremely dangerous method known as address poisoning, in which scammers plant lookalike wallet addresses into a user’s transaction history. When the victim copied what looked like the correct destination address for a large transfer, they were actually pasting a fraudulent one.
Here’s how it unfolded:
-
Before sending the full amount, the victim carried out a routine test transfer of around 50 USDT to their own wallet — a common practice among cautious traders.
-
Scammers quickly created an address nearly identical to the legitimate one, matching the first few and last few characters, and “poisoned” the victim’s transaction history by sending tiny transactions from the lookalike address.
-
Later, when sending the remaining 49,999,950 USDT, the trader copied the wrong wallet address from their history and unknowingly sent all funds to the attacker. Because blockchain transactions are irreversible, the $50 million was lost instantly.
After the theft, the scammer rapidly converted the stolen USDT into ETH and moved it through multiple wallets — including Tornado Cash — making recovery extremely difficult.
Why This Scam Was So Effective
Unlike typical hacks that rely on technical vulnerabilities, address poisoning exploits human behavior and habit, combined with how wallet interfaces display recent transactions. Most wallets show only the beginning and end of an address, assuming the middle isn’t needed for verification. Scammers take advantage of that limitation.
Security analysts warn this kind of attack doesn’t require breaking blockchain protocols — it just needs subtle deception and an unsuspecting user.
