Ethereum-inspired address poisoning attacks now occurring on bitcoin too


Making sure that you're sending your bitcoin (BTC) to the intended receiver is becoming more important, as BTC address poisoning attacks are now starting to occur in the bitcoin world as well.

Unlike a regular bank transfer, a single wrong character in a crypto recipient address can result in lost funds. Until now, address poisoning – or replacing a legitimate address with a fraudulent one – was more popular as an attack on ethereum (ETH) and its users, as they usually use the same address to receive their assets.

Meanwhile, security researchers have found multiple similar attacks among BTC users as well. Unlike ETH users, BTC users can generate a new address for every transaction, which is considered to be a superior security practice.

However, bitcoin security researcher Jameson Lopp, co-founder of BTC and ETH custody solutions company Casa, said he's found almost 48,000 transactions on the bitcoin blockchain that are likely to be instances of potential address poisoning. Data about the results of this type of attack on bitcoiners is mixed. According to Lopp's presentation at the MIT Bitcoin Club, only one attack was somewhat successful, while the criminals spent 0.3 BTC to earn 0.1 BTC.

Either way, the researcher noted that the criminals are resuming their activities.

"That one successful trickery could have easily resulted in a much higher ROI [Return On Investment] because the address from which the funds were spent held nearly 8 BTC, which could have made the entire project profitable," according to Lopp.

However, a bitcoin developer known as mononaut on the X platform suggested that address poisoning might have been used during the DMM exchange attack in 2024, which cost the platform more than 4,500 BTC. According to Lopp, this particular attack might have also been combined with a private key theft.

In either case, here's how an address poisoning attack works: attackers use vanity address generator tools to create a bitcoin address that looks very similar to the victim’s recently used addresses. Then, the criminals send a small amount of BTC to this address. Next, they "poison" the target's transaction history by sending them BTC from this similar-looking address.

"When the victim later wants to send funds, they may naively copy a previously used address from their transaction history without realizing it's the attacker’s spoofed address," Lopp explained, urging people to double-check the entire address before sending bitcoin.

According to the security expert, it also helps to use address labels or contacts in your wallet rather than relying on memory or recent transactions, and not to trust addresses even in your own transaction history. Meanwhile, the chief advice remains: do not re-use BTC addresses, which also helps strengthen your privacy.
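The advice above (compare the entire address, rely on labelled contacts, distrust your own history) can be expressed as a wallet-side check. The following Python sketch is an added example, not code from Lopp or any wallet; the addresses are constructed placeholders, and the function names and the four-character threshold are assumptions.

```python
# Constructed placeholder strings: not checksum-valid, not real wallets.
LEGIT = "bc1q7k3mlegitlegitlegitlegitlegitlegi9f2wd"
SPOOF = "bc1q7k3mspoofspoofspoofspoofspoofspoo9f2wd"
OTHER = "bc1qzzzzotherotherotherotherotherothep0p0a"

ADDRESS_BOOK = {"exchange-deposit": LEGIT}  # labels the user verified once

# Constructed history: (direction, counterparty address, amount in BTC)
HISTORY = [
    ("out", LEGIT, 0.25),
    ("in", SPOOF, 0.00000546),  # small poisoning transfer
    ("in", OTHER, 0.01),
]

def body(addr):
    """Drop the type prefix that all addresses of one kind share."""
    return addr[4:] if addr.startswith("bc1q") else addr[1:]

def shared_ends(a, b):
    """Count matching leading and trailing characters of two address bodies."""
    a, b = body(a), body(b)
    limit = min(len(a), len(b))
    lead = next((i for i, (x, y) in enumerate(zip(a, b)) if x != y), limit)
    tail = next((i for i, (x, y) in enumerate(zip(a[::-1], b[::-1])) if x != y), limit)
    return lead, tail

def classify(dest, book, min_match=4):
    """Return ('trusted' | 'lookalike' | 'unknown', label or None)."""
    for label, known in book.items():
        if dest == known:  # only a full-string match is trusted
            return "trusted", label
    for label, known in book.items():
        lead, tail = shared_ends(dest, known)
        # Assumed heuristic: either end matching is enough to warn.
        if lead >= min_match or tail >= min_match:
            return "lookalike", label
    return "unknown", None

def audit_history(history, book):
    """List history entries whose address imitates a labelled one."""
    return [(d, addr, amt) for d, addr, amt in history
            if classify(addr, book)[0] == "lookalike"]

if __name__ == "__main__":
    for _, addr, _ in HISTORY:
        print(addr, classify(addr, ADDRESS_BOOK))
```

A destination classified as `lookalike` should block the send until the user confirms the full string against the labelled contact.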