Crypto users lost tens of millions of dollars in January to address poisoning and signature phishing scams, as attackers exploited lower transaction costs and user inattention to steal funds at scale.
Scam Sniffer Warns of Spike in Address Poisoning Losses
Crypto wallet scams intensified in January, with address poisoning and signature phishing attacks driving significant losses, according to data from blockchain security firm Scam Sniffer.
In one of the most striking cases, a single victim lost $12.2 million after mistakenly copying a malicious address from their transaction history. The incident followed a similar address poisoning attack in December that resulted in roughly $50 million in losses.
Scam Sniffer reported that address poisoning remains one of the most reliable methods for draining large sums from crypto wallets. Attackers create addresses that match the first and last characters of a trusted wallet, while subtly altering the middle portion, making them difficult to spot at a glance.
Alongside address poisoning, signature phishing attacks also surged in January. Scam Sniffer estimates that $6.27 million was stolen from 4,741 victims through malicious signature requests, marking a 207% increase compared to December. Notably, just two wallets were responsible for 65% of all signature phishing-related losses during the month.
Unlike address poisoning, signature phishing relies on tricking users into signing harmful blockchain transactions, such as granting unlimited token approvals or authorizing fund transfers without realizing the consequences.
Analysts believe the recent rise in attack volume may be partly linked to Ethereum’s Fusaka upgrade, rolled out in December. By reducing transaction costs, the upgrade made it cheaper for attackers to send large numbers of dust transactions, lowering the barrier to running address poisoning campaigns at scale.
Read more: SEC Sounds Alarm as Crypto Scammers Flood Group Chats With AI-Powered Cons
Security firms continue to urge users to double-check wallet addresses, avoid copying addresses from transaction histories, and carefully review signature requests before approving them, as these attack methods show no signs of slowing down.
FAQ 🚨
- What is address poisoning in crypto?
Scammers send look-alike wallet addresses to trick users into copying the wrong one.
- How much was lost to these scams in January?
Victims lost tens of millions, including a single $12.2 million address poisoning case.
- Why did signature phishing spike sharply?
Attackers exploited user inattention, stealing $6.27 million via malicious signatures.
- What’s driving the rise in these attacks now?
Lower transaction fees made large-scale scam campaigns cheaper and easier to run.
Disclaimer: The information on this page may come from third parties and does not represent the views or opinions of Gate. The content displayed on this page is for reference only and does not constitute any financial, investment, or legal advice. Gate does not guarantee the accuracy or completeness of the information and shall not be liable for any losses arising from the use of this information. Virtual asset investments carry high risks and are subject to significant price volatility. You may lose all of your invested principal. Please fully understand the relevant risks and make prudent decisions based on your own financial situation and risk tolerance. For details, please refer to
Disclaimer.
Related Articles
DeFi High-Yield Scam Triggers Corporate Crisis! Former CFO Sentenced to 2 Years for Embezzling 35 Million
Former Chief Financial Officer Shetty of a private software company in Washington State was sentenced to two years in prison for secretly embezzling $35 million of company funds to invest in high-risk DeFi projects. His actions led to approximately 60 employees losing their jobs and caused nearly all funds to evaporate due to the Terra collapse. The court ordered Shetty to compensate the company for the losses and to undergo three years of supervision. This incident highlights the need for strengthened regulation of crypto investments.
MarketWhisper32m ago
Research indicates that the transition to post-quantum cryptography could render encryption exchange wallet architectures ineffective
Project Eleven's latest research indicates that under post-quantum cryptography, the current address generation methods used by encrypted exchanges may become invalid. The study shows that systems relying on hierarchical deterministic wallets cannot operate under the new standards, and exchanges will be unable to generate new addresses from public keys.
GateNews37m ago
Quantum computing impacts the security of encrypted wallets? Research suggests post-quantum cryptography may force trading platforms to rebuild wallet systems
With the development of quantum computing technology, blockchain security faces challenges. Currently, mainstream layered deterministic wallets may become ineffective in post-quantum cryptography, forcing custodial institutions to reconstruct their security models. Researchers have proposed new wallet architecture prototypes to adapt to the post-quantum environment, maintain private key security, and generate new public keys to ensure system stability.
GateNews41m ago
Flow Foundation Files Emergency Lawsuit to Prevent Delisting in Korea! FLOW Token Plunges 75%
Flow Foundation has applied to the Korean court to suspend the delisting plans of major exchanges for FLOW tokens, citing that other global exchanges have resumed support after the incident. The security breach caused a 75% drop in the FLOW token's value, impacting its market supply and reputation, although the token remains tradable on other markets. If the court application fails, it could affect FLOW's liquidity in South Korea.
MarketWhisper55m ago
Infiltrating iPhones to Steal Cryptocurrency! The Attack Suite "Coruna" Ravages, Old iOS Versions at Risk of Being Lambs
Coruna is a malicious surveillance tool for iPhone, initially provided by surveillance vendors to the government, and later exploited by hackers to plunder cryptocurrency assets. This tool exploits 23 vulnerabilities to conduct covert attacks, automatically identifying iOS versions and extracting sensitive information from victims. As it becomes commercialized, ordinary users face serious threats. Experts recommend users regularly update their systems and use hardware wallets to protect their assets.
区块客1h ago
SlowMist CISO warns that the USB version of OpenClaw poses security risks
Gate News Announcement, March 9 — SlowMist CISO 23pds (Brother Shan) posted on the X platform to warn that U disk versions of the OpenClaw product have appeared on platforms like Taobao and Xianyu. Sellers claim that users can simply plug and play after purchasing and configuring the model. However, 23pds pointed out that OpenClaw has excessive permissions, making it difficult for ordinary users to identify malicious Skills. Using such products can easily lead to asset loss.
GateNews2h ago
