A cryptocurrency investor lost $50 million in USDT after falling victim to an address poisoning attack, according to blockchain security firm SlowMist. The incident occurred when the victim accidentally sent funds to a fraudulent address that closely resembled their intended destination. On-chain data from Etherscan shows the victim initially sent a small test transaction of 0.005 USDT to the correct address at 06:20:35. Approximately 12 minutes later, at 06:32:59, the investor transferred the full $50 million to the poisoned address 0xBaFF2F13638C04B10F8119760B2D2aE86b08f8b5. The fraudulent address was copied from the transaction history, where attackers had planted it through earlier small-value transactions. Rapid Conversion and Money Laundering Tactics The attacker moved swiftly after receiving the funds. Within 30 minutes, the hacker converted the entire $50 million USDT into DAI through MetaMask Swap. SlowMist reported that the funds were then exchanged for 16,690 ETH. The attacker subsequently routed 16,680 ETH through Tornado Cash, a cryptocurrency mixing service that obscures transaction trails. Web3 Antivirus discovered that the victim had withdrawn the $50 million from Binance shortly before making the erroneous transfer. The wallet in question had been active for nearly two years, primarily handling transactions in USDT. The stolen funds currently remain at the target address. Recent Wave of Cryptocurrency Attacks This incident follows a pattern of escalating cryptocurrency theft. Blockchain analytics firm Chainalysis reported that cryptocurrency theft reached $3.41 billion between January and early December 2025. This figure surpasses the $3.38 billion stolen in the previous year. The $1.5 billion hack of Bybit exchange alone represented 44% of the annual total. The three largest attacks accounted for 69% of all service losses. Personal wallet compromises have become increasingly prevalent. These attacks grew from 7.3% of total stolen value in 2022 to 44% in 2024. Chainalysis documented 158,000 instances of personal wallet intrusions affecting at least 80,000 distinct victims. Despite the increase in frequency, the total amount stolen from individual wallets decreased to $713 million from $1.5 billion the previous year.
