Ethereum Address Poisoning Drives $79.3M Loss, USDT Transfers Surge 612%

Key Insights:

• Ethereum address poisoning attacks accounted for a loss of $79.3 million in 2022-2024.
• To add fraudulent wallets into the transaction history, attackers rely on automated lookalike addresses and dust transfers.
• Dust transfers in USDT increased by 612% as the Fusaka upgrade drove down fees on Ethereum.

Blockchain analytics platform Etherscan has reported an increasing trend of Ethereum address poisoning attacks. Researchers estimate that users lost at least $79.3 million to address poisoning attacks between July 2022 and June 2024.

Ethereum Address Poisoning Scams Surge, Losses Hit $79.3M

The report is based on an incident related to an Etherscan user named Nima. The user claimed to have received over 89 address-watch alert emails shortly after making two stablecoin transactions. Attackers created several suspicious transfers in about 30 minutes. That saturated the wallet transaction history with lookalike addresses, according to Nina.

Address poisoning is a trick that aims at deceiving users into sending money to rogue wallets. Attackers generate addresses that resemble legitimate ones, often matching the first and final characters of the favored addresses previously used by the victim.

These bogus addresses are then added to the victim’s transaction history, either by small or zero-value transfers. It increases the risk that a user might copy the incorrect address when making another transaction.

Moreover, the report analyzed poisoning activity on Ethereum and BNB Smart Chain. The research estimated that 17 million poisoning attempts, affecting about 1.3 million wallets between 2022 and 2024.

Although the success rate of separate efforts is relatively low, the Ethereum address poisoning cases led to at least $79.3 million in losses.

Ethereum address poisoning losses reach $79.3 million | Source: Etherscan

The results suggest that automation drives these large-scale attacks rather than isolated incidents.

Most campaigns are currently tracking blockchain activity live, targeting addresses that regularly transfer tokens or have large balances. Once automated systems identify a qualifying transaction, they quickly generate similar-looking addresses and send poison transfers to the target wallet.

There also seems to be competition amongst the attackers. Analysts noticed instances where several bad actors tried to add spoofed addresses to the history of a wallet almost simultaneously. In one incident, 13 transfer poisonings occurred within minutes of a valid Tether transaction.

Fusaka Upgrade Leads to an Increase in USDT Stablecoin Dust Transfers

According to the report, these scams are very much dependent on volume. Analysts approximate that an average transfer of poisoning will succeed with only about a 0.01% success rate, which is one in 10,000 attempts.

Nevertheless, the capability to transmit high volumes of automated transactions will enable attackers to be profitable even when the success rates are extremely low.

The state of networks after the December 2025 Fusaka upgrade seems to have further escalated the activity. The Fusaka update provided enhancements that reduced the transaction costs in Ethereum, allowing attackers to send more and more low-value transfers at low cost.

According to the report data, the number of dust transfers, which comprise transactions of less than 0.01, increased dramatically 90 days following the upgrade.

In the case of USDT, dust transfers rose from 4.2 million before the upgrade to 29.9 million afterward, which is a 612% increase. The same spikes were experienced with USD Coin and Dai, which increased by 473% and 470%, respectively.

Ethereum address poisoning attackers often issue minor token balances to newly spoofed wallets and then send single dust transactions to those addresses using those wallets.

Since these transfers require minimal token values, massive campaigns can be implemented at relatively low rates. It increases the chances of finding fraudulent addresses in the transaction records.

The post Ethereum Address Poisoning Drives $79.3M Loss, USDT Transfers Surge 612% appeared first on The Coin Republic.