According to SlowMist, a crypto trader lost nearly $50 million in Tether in under an hour due to an address poisoning scam exploiting copy-paste habits from transaction history.
On December 20, 2025, a cryptocurrency trader lost 49,999,950 USDT to an address poisoning scam, according to security firm SlowMist. The scam involved a fraudulent wallet address mimicking the first and last characters of the intended recipient, inserted into the victim's transaction history via a dust transfer. Mistakenly copying this address, the victim conducted the full transfer, and the funds were stolen in under an hour. The USDT was swiftly moved and converted to other assets across multiple wallets, with some transactions routed through Tornado Cash to obscure tracking. This incident highlights the risks of address poisoning, which exploits user habits rather than blockchain vulnerabilities.