The cryptocurrency ecosystem was shaken by one of the biggest on-chain scams of recent years. One user’s USDT, worth almost $50 million, was sent to the wrong wallet within seconds through an attack method known as address poisoning. The incident highlighted not only an individual mistake, but also the risky ways in which blockchain architecture and user behavior can interact.
How Did the Address Poisoning Attack Happen?
At the center of the incident is a wallet that has been active for about two years and is used mainly for USDT transfers. The user received approximately $50 million USDT in his wallet after funds were withdrawn from Binance. Following what he thought was a safe method, he first made a small test transfer and then made the main transfer a few minutes later. However, in this second transaction, he unknowingly used the wrong address.
Before this point, the fraudster had already prepared the “address poisoning” attack. The attacker created a wallet whose address was extremely similar to one the victim had frequently transacted with, then sent a very small amount of USDT so that the fake address appeared in the victim’s transaction history. Because addresses appear as long, complex strings in the wallet interface, the user picked this fake address instead of the real recipient when copying the address from the transaction history. As a result, approximately $50 million was transferred to the attacker’s wallet in one click.
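A wallet-side check for the pattern described above, as an added example that is not part of the original article: it compares a recipient against a trusted address book and flags addresses that share the visible head and tail of a trusted entry without being identical. The Ethereum-style address format, the four-character window, the dust threshold, the "otc-desk" label and all sample addresses are assumptions constructed for illustration.

```python
"""Flag recipients that imitate a trusted address (constructed sample data)."""

EDGE = 4  # assumption: wallet UIs show roughly this many leading/trailing hex chars


def normalize(addr):
    """Lower-case and strip the 0x prefix so checksum casing does not matter."""
    addr = addr.strip().lower()
    return addr[2:] if addr.startswith("0x") else addr


def looks_like(candidate, trusted, edge=EDGE):
    """True when two different addresses share the same visible head and tail."""
    c, t = normalize(candidate), normalize(trusted)
    return c != t and c[:edge] == t[:edge] and c[-edge:] == t[-edge:]


def check_recipient(candidate, address_book):
    """Return (verdict, label): verdict is 'trusted', 'lookalike' or 'unknown'."""
    for label, trusted in address_book.items():
        if normalize(candidate) == normalize(trusted):
            return "trusted", label
    for label, trusted in address_book.items():
        if looks_like(candidate, trusted):
            return "lookalike", label
    return "unknown", None


def poisoned_history_entries(history, address_book, dust_limit=1.0):
    """Inbound transfers at or below dust_limit whose sender imitates a trusted address."""
    return [
        tx for tx in history
        if tx["amount"] <= dust_limit
        and check_recipient(tx["from"], address_book)[0] == "lookalike"
    ]


# Constructed sample data: none of these addresses come from the incident.
ADDRESS_BOOK = {"otc-desk": "0xA1b2" + "c3" * 16 + "9F0e"}
GENUINE = ADDRESS_BOOK["otc-desk"]
IMPOSTOR = "0xa1b2" + "7d" * 16 + "9f0e"  # same first/last 4 hex chars, different middle
HISTORY = [
    {"from": GENUINE, "amount": 2500.0},
    {"from": IMPOSTOR, "amount": 0.01},  # dust transfer that plants the lookalike
    {"from": "0x" + "11" * 20, "amount": 0.5},
]

if __name__ == "__main__":
    print(check_recipient(IMPOSTOR, ADDRESS_BOOK))
    print(poisoned_history_entries(HISTORY, ADDRESS_BOOK))
```

A wallet could run the recipient check before signing and hide or label the flagged history entries so they cannot be copied by mistake.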
UTXO Model Discussion and Charles Hoskinson’s Commentary
Cardano’s founder, Charles Hoskinson, argued in his assessment after the incident that such a loss is much harder to suffer on some blockchain architectures. He stated that the account-based model used by Ethereum and EVM-based networks makes scams such as address poisoning structurally possible. In this model, addresses are kept as permanent accounts, and wallets frequently direct users to copy addresses from past transactions. Scammers target exactly this habit.

According to Hoskinson, networks that use the UTXO model, such as Bitcoin and Cardano, are more resilient in this respect. In the UTXO model, each transaction produces new outputs and consumes old ones; there is no permanent “account state”. For this reason, there is no address history that can be visually poisoned. He emphasized that the incident was not a protocol vulnerability or smart contract error, but a dangerous interaction of design and human behavior.
Similar risks have recently surfaced in other news. In recent weeks, a major wallet provider released a security update that warns its users against address-copying habits and revamps its address verification screens. These developments show how critical wallet design is, alongside individual measures.
