Investor Loses Nearly $50 Million in Address Spoofing Attack

User sent 49,999,950 USDT to a fraudulent address from compromised transaction history.

A user mistakenly sent 49,999,950 USDT to a fraudulent address after copying it from a compromised transaction history.

🚨💔 A victim lost ~$50M after copying the wrong address from contaminated transfer history. https://t.co/ur4SJ0cvN0 pic.twitter.com/6K5ftJzC1G

— Scam Sniffer | Web3 Anti-Scam (@realScamSniffer) December 20, 2025

The malicious scheme involves inserting addresses into the victim’s transaction list that resemble legitimate ones.

The investor initially sent a test transaction of 50 USDT to the correct wallet. Minutes later, he transferred the main amount, copying the data from a history already tainted by a 0.005 USDT transfer. The similarity between the attacker’s address and the recipient’s was sufficient to deceive, as the first three and last four characters matched.

According to on-chain data, the victim’s wallet had been actively used for the past two years, primarily for transactions in Tether’s stablecoin. Shortly before the loss, the funds were withdrawn from Binance.  

Subsequently, the attacker exchanged the stolen assets for Ethereum, split the funds among several wallets, and partially sent them to the crypto mixer Tornado Cash.

How to lose $50M in under an hour. This is one of the largest on-chain scam losses we’ve seen recently.

A single victim lost $50M in $USDT to an address poisoning scam. The funds had arrived less than 1h earlier.

The user first sent a small test tx to the correct address. Mins… pic.twitter.com/Umsr8oTcXC

— Web3 Antivirus (@web3_antivirus) December 19, 2025

“This is one of the largest blockchain scam cases we have seen recently,” commented Web3 Antivirus experts.

As reported by Chainalysis, since the beginning of 2025, hackers have stolen cryptocurrencies worth over $3.4 billion. One trend has been the increasing frequency of personal wallet hacks.