Ethereum surge tied to address poisoning scams after Fusaka upgrade
In his latest blog post, digital economy researcher Andrey Sergeenkov warned that someone is using a recent Ethereum upgrade to send small transactions across the network, attempting to create deceitful entries in transaction histories and trick users into using incorrect addresses for their transactions. This is known as an address poisoning attack.
"Poisoning addresses are created to look similar to victims' legitimate addresses (matching first and last characters). The victim sees a ‘familiar’ address in transaction history, copies it without full verification, and sends real funds to the attacker," Sergeenkov explained, adding that his estimates of already incurred losses are conservative, and the number will grow as the attack scales up.
The researcher’s findings show that, out of the $740,000 in losses registered so far, $509,000 were lost by a single victim. Moreover, the attack’s scale may be larger, as the author analyzed only stablecoin transactions, while other tokens may also have been used in these attacks.
In his post on Monday, the researcher said that over the previous four days, new poisoning contracts had been launched, with the largest already distributing so-called “dust,” or very small crypto asset transactions, to 78,000 addresses.
Sergeenkov blamed Ethereum’s December upgrade, called Fusaka, claiming that it “made spam transactions cheap enough to be profitable,” allowing criminals to exploit smart contracts to automate the mass distribution of “poisoning dust.”
"What developers are doing is reckless experimentation at users' expense disguised as a revolution where ordinary people bear all the risks," the researcher said.
However, online commenters pushed back, arguing that the Fusaka upgrade and lower transaction fees have created "overwhelmingly more positive value for Ethereum than the negative risks they bring by making spam attacks cheaper."
In either case, blockchain data shows that on January 12th, there were 2.7 million new Ethereum addresses, 170% more than usual, while the number of transactions on the network jumped by 63%, to more than 17 million in a week.
In related crypto crime news this morning, multiple blockchain analysts flagged that DeFi protocol Makina may have lost $4-5 million in an exploit. The team behind the protocol has yet to confirm the alleged theft.
Unlock more exclusive Cybernews content on YouTube.
