AI System Developed to Combat Address Poisoning Attacks

Cybersecurity firms Trugard and Webacy have unveiled an AI system designed to detect “poisoned” crypto addresses, as reported by Cointelegraph.

The tool employs a supervised machine learning model, calibrated using real-time transaction data. It also incorporates on-chain analytics, feature engineering, and behavioral context. 

The system demonstrated a 97% accuracy rate during tests on known attack cases. 

“Address poisoning is one of the most underestimated yet costly scams in the crypto industry. It exploits a simple assumption: what you see is what you get,” noted Webacy co-founder Maika Isogawa.

“Poisoning” is a type of fraud where attackers send victims small amounts from an address similar to the legitimate one. Typically, the first and last characters of the wallet match—these are the characters users often check before sending funds. 

The aim of the attack is to deceive the victim into transferring funds to the attacker. Usually, this affects individuals who copy addresses from transaction history. 

Between July 1, 2022, and June 30, 2024, more than 270 million “poisoning” attempts were made on the BNB Chain and Ethereum networks. Of these, 6,000 were successful, netting fraudsters over $83 million. 

Regular Updates

Trugard’s CTO Jeremiah O’Connor highlighted that the team has transferred expertise from the Web2 cybersecurity domain to the Web3 world, adapting proven approaches to new conditions.

“Most existing Web3 attack detection systems rely on static rules or basic transaction filtering. These methods often lag behind evolving tactics, techniques, and procedures of attackers,” he noted. 

The new system uses machine learning to learn and adapt to “poisoning” attacks. 

“AI can detect patterns often inaccessible to human analysis,” Isogawa remarked.

O’Connor added that Trugard created synthetic data for the AI to simulate various types of attacks. They then applied a supervised learning system—the model was trained on labeled data. 

The neural network is refined with new information as advanced strategies emerge. 

“In addition, we created a synthetic data generation layer that allows continuous testing of the model on simulated poisoning scenarios. This has proven incredibly effective, helping the neural network remain reliable over time,” O’Connor stated. 

In March, “poisoning” of crypto addresses netted hackers $1.2 million in three weeks. On February 20, one victim lost $763,662.