How one trader lost 50 million USDT due to an address that looked exactly the same

In December 2025, the cryptocurrency world was shaken by news of a catastrophic loss—one trader lost nearly $50 million in just a few minutes. This was not a case of a traditional hack or exploit, but a much more insidious scam involving “address poisoning.” The story of this incident continues to inspire desperate discussions within the community and serves as a harsh lesson for the entire crypto ecosystem.

How the “poisoned” transaction history fooled the scam

It all started innocently. The trader, wanting to transfer funds from an exchange to a private wallet, first sent a test transaction of 50 USDT. This was standard security practice—to verify that everything was working correctly. Unfortunately, this move caught the attention of a vigilant attacker.

The scammer immediately analyzed the victim’s address and generated a new wallet with a deliberate deception—the first and last four characters matched the real address. Then, they sent a small amount of cryptocurrency from this fake address to the trader, causing the fake address to appear in the transaction history, effectively “poisoning” it.

Four characters and wallet UI: the perfect storm

The attack’s genius lay in exploiting a specific UI limitation. Most modern wallets and block explorers truncate long alphanumeric strings—they display addresses in a shortened form, for example: 0xBAF4…F8B5. This means the first and last four characters are visible, with the middle replaced by an ellipsis.

That’s why the fake address looked identical to the real one to the user’s eye. The trader, following common practice, copied the recipient address from the last transaction history—rather than fetching it directly from the source. As a result, they sent the remaining funds—49,999,950 USDT—to the scammer’s wallet.

Desperate attempt to recover and no hope

Within 30 minutes of the attack, the funds were exchanged for a stablecoin, DAI, and then converted into approximately 16,690 ETH. The scammer immediately moved the cryptocurrencies through Tornado Cash—a mixing service that makes transaction tracing more difficult.

The desperate victim, realizing the tragedy, sent an on-chain message to the attacker offering a $1 million white-hat bounty in exchange for 98% of their funds back. However, by December 21, their assets had not been recovered.

Blockchain analyst Specter expressed regret over the loss, commenting: “I hate to say this, but it’s the worst possible loss—entirely due to a small mistake. It only took a few seconds to correctly copy the address, not from the transaction history. The holidays are ruined.”

Why this attack became possible on a $50 million scale

As the value of crypto assets increased, address poisoning scams became even more profitable and widespread. It didn’t require advanced hacking—rather, it exploited basic human habits and UI limitations. Security experts warn that such attacks will only intensify as larger sums are at stake.

How to protect yourself

To avoid suffering the same fate, crypto holders should follow some key principles:

First—always fetch the recipient address directly from the “Receive” tab in your wallet, never from transaction history, even if it looks identical.

Second—add trusted addresses to your wallet’s whitelist. This feature allows quick recognition of known wallets and reduces error risk.

Third—consider using hardware wallets that require physical confirmation of the full destination address. This provides a critical additional layer of verification that cannot be bypassed digitally.

This trader’s story is a reminder that in crypto, the greatest threats are often not the technology or mathematics—they are human errors that clever scammers exploit. A few seconds of extra caution and verification could have saved $50 million.