Jameson Lopp, the Chief Security Officer at Bitcoin (BTC) Casa Casa, dunned the alarm for the Bitcoin address poisoning attacks, a fraud in social engineering that uses similar addresses from the transaction history of a victim to send them money to the malicious address.
According to Lopp's article of February 6, the threat players generate BTC addresses that correspond to the primary and last digits of addresses within the transaction history of the victim. Lopp analyzed the Bitcoin blockchain story for one of these attack and located:
“The first transactions of such transactions first appeared 797570, July 7, 2023, which had 36 such transactions. Then all the pieces was quiet until Block 819455, December 12, 2023, after which we will find that we usually find these transactions as much as Block 881172, January 28, 2025.
“In these 18 months, slightly below 48,000 transactions were sent, which matched this profile of potential address poisoning,” added Lopp.
Example of a poisoned address attack. Source: Jameson Lopp
The manager asked Bitcoin owners to thoroughly check the addresses before sending funds, and asked for higher item pocket interfaces to completely display addresses. The warning of Lopp underlines the aspiring cyber security and fraudulent systems which can be stricken by the industry.
Address poisoning fraud and exploits demands billions in stolen user funds
According to Cybersecurity Cyvers, over 1.2 million US dollars were stolen from address poisoning attacks in March 2025. CEO of Cyvers, Deddy Lavid, said these kinds of attacks cost users 1.8 million US dollars in February.
Peckshield security company Blockchain estimates that the full amount of crypto hacks in the primary quarter of 2025 is over 1.6 billion US dollars, with nearly all of the stolen funds.
The Bybit hack in February was accountable for losses of 1.4 billion US dollars and is the biggest crypto hack in history.
Cyber ​​security experts have certain the attacks on North Korean state-related hackers that use complex and developing social engineering programs to steal cryptocurrencies and sensitive data from goals.
The joint fraud offers from the Lazarus group Social Engineering include fraudulent vacancies, zoom meetings with fake risk capital providers and phishing fraud on social media.
