Two Victims Lose $62 Million To Address Poisoning Since December

Just one victim lost $12.2 million in January by copying the wrong address from their transaction history in an “address poisoning attack,” adding to a similar $50 million attack in December, according to Scam Sniffer.

Address poisoning is when attackers send small transactions or “dust” from addresses that look similar to ones in the target’s transaction history, hoping the victim will copy the wrong address.

Scam Sniffer added that signature phishing also surged recently, with $6.27 million stolen from 4,741 victims in January, a 207% increase compared to December.

Two wallets accounted for 65% of all signature phishing losses.

Signature phishing is slightly different as it tricks users into signing malicious blockchain transactions, such as unlimited token approvals.

Address poisoning trend not slowing down 

“Address poisoning is one of the most consistent ways large amounts of crypto get lost,” reported security firm Web3 Antivirus on Thursday.

Some of the biggest address poisoning losses it tracked over time ranged from $4 million to $126 million. “Recent incidents show this trend isn’t slowing down,” they stated. 

Related: Stablecoin ‘dust’ txs on Ethereum triple post-Fusaka: Coin Metrics

The researchers explained that address poisoners “generate full addresses that match the same first/last few characters you see, but the middle is different, so it looks ‘identical.’” 

Dust attacks on Ethereum have surged 

Analysts speculate that the Ethereum Fusaka upgrade in December has contributed to the increase in attacks because it made the network cheaper to use in terms of transaction costs. 

Stablecoin-related dust activity is now estimated to make up 11% of all Ethereum transactions and 26% of active addresses on an average day, reported Coin Metrics earlier in February. 

The firm analyzed over 227 million balance updates for stablecoin wallets on Ethereum from November 2025 through January 2026, finding that 38% were under a single penny — “consistent with millions of wallets receiving tiny poisoning deposits,” it stated. 

Blockchain intelligence firm Whitestream reported on Sunday that the decentralized DAI stablecoin “has gained a reputation as a preferred stablecoin for illicit actors, serving as a ‘parking place’ for illegally sourced funds.”

“This is due to the protocol’s governance, which does not cooperate with authorities in freezing DAI wallets,” it stated, referencing recent address poisoning attacks. 

Magazine: 6 weirdest devices people have used to mine Bitcoin and crypto

Cointelegraph is committed to independent, transparent journalism. This news article is produced in accordance with Cointelegraph’s Editorial Policy and aims to provide accurate and timely information. Readers are encouraged to verify information independently. Read our Editorial Policy https://cointelegraph.com/editorial-policy