Trader loses $68M in address poisoning scam

Share via:

An unknown trader lost $68 million worth of Wrapped Bitcoin (WBTC) in a single transaction in an address-poisoning scam.

The $68 million theft was first revealed by on-chain security firm Cyvers in a May 3 X post:

“Are we mistaken, or has someone truly lost $68 million worth of $WBTC? Our system has detected another address falling victim to address poisoning, losing 1,155 $WBTC.”

Address poisoning attack. Source: Cyvers Alerts

The victim, wallet “0x1E,” has lost over 97% of its total assets, worth over $67.8 million, according to CoinStats.

Wallet “0x1E.” Source: CoinStats

Address poisoning, also known as address spoofing, aims to capitalize on traders’ carelessness and haste when making transactions. It involves tricking victims into sending their digital assets to fraudulent addresses belonging to scammers.

Related: ZKasino scam suspect arrested, $12.2M seized by Dutch authorities

Scams fall to $25 million historic low in April

Scams continue plaguing the mainstream trust in the crypto industry. Last month, investors lost at least $33 million of digital assets in the fraud case surrounding Zkasino gambling platform. Dutch authorities have arrested a suspect related to Zkasino on April 29.

Despite the Zkasino incident, April only saw $25.7 million worth of cryptocurrency lost to scams and hacks. This marks the lowest historical figure since 2021 when on-chain intelligence firm CertiK started keeping track of the data.

According to the report, losses from hacks, exploits and scams were down 141% over the previous month. The decline is mostly due to the lack of private key compromises. April only saw three private key leaks, whereas March saw over 11 attacks via private key compromises.

Source: CertiK

However, CertiK’s figures don’t include the $33 million ZKasino scam. Although the report considers the project to be in the middle of a “controversy,” it has not yet labeled it a scam.

On April 22, ZKasino transferred all 10,515 Ether (ETH) deposited by investors into the Lido staking protocol, intensifying investor concerns. CertiK’s report said the firm would update its figures if ZKasino was confirmed to be a malicious actor.

Related: Lazarus Group laundered over $200M in hacked crypto since 2020