Home
/
News
/
Exploiter Steals $68M Worth of Crypto Through Address Poisoning

Exploiter Steals $68M Worth of Crypto Through Address Poisoning

https://www.coindesk.com/business/2024/05/03/exploiter-steals-68m-worth-of-crypto-through-address-poisoning/

The victim was duped by a mimicked 0.05 ether transfer.

Updated May 3, 2024, 2:13 p.m. Published May 3, 2024, 2:07 p.m.

  • A user unintentionally sent 1,155 wrapped bitcoin to an exploiter's wallet after being targeted by address poisoning.
  • The scam has been confirmed by various blockchain security firms.

A cryptocurrency user has lost $68 million worth of wrapped bitcoin (WBTC) after falling victim to an address poisoning exploit, according to blockchain security firm CertiK.

Address poisoning is a technique that involves tricking the victim into sending a legitimate transaction to the wrong wallet address by mimicking the first and last six characters of the true wallet address and depending on the sender to miss the discrepancy in the intervening characters. Wallet addresses can be as long as 42 characters.

In this case, the exploiter mimicked a 0.05 ether {{ETH}} transaction before receiving 1,155 WBTC from the victim.

Security platform Cyvers and blockchain sleuth ZachXBT confirmed that $68 million had been lost to an address poisoning scam.

Crypto investors lost $2 billion to hacks, scams and exploits across decentralized finance (DeFi) in 2023 and an additional $333 million was stolen in the first quarter.

More For You

basic

CoinDesk Research looks into how Pudgy Penguins disrupts traditional toys market via a phygital model. With 2M+ units sold, they scale via global partnerships and events.

What to know:

  • Disrupting a Stagnant Market: Pudgy Penguins is utilizing a "Negative CAC" model to challenge the traditional $31.7B licensed toy industry by treating physical merchandise as a profitable user acquisition tool rather than just a final product.

View Full Report

Mais para você

Josh Swihart's Zcash Open Development Lab raises $25 million in seed funding

Stacks of 100 dollar bills (Dmytro Glazunov/Unsplash/Modified by CoinDesk)

The capital will be used to expand development of the Zcash (ZEC) protocol and its privacy-focused self-custodial mobile wallet, Zodl.

O que saber:

  • Zcash Open Development Lab (ZODL), a new group formed by the former core team of the Electric Coin Company (ECC), has raised over $25 million in seed funding.
  • The lab emerged after the entire ECC engineering and product team resigned in January 2026 following a governance dispute with Bootstrap, the nonprofit board that oversees ECC.
  • The funding will be used to expand development of the Zcash protocol and its privacy-focused self-custodial mobile wallet, Zodl (formerly Zashi).

Leia a história completa

{
  "by": "gulced",
  "descendants": 0,
  "id": 40248755,
  "score": 2,
  "time": 1714749898,
  "title": "Exploiter Steals $68M Worth of Crypto Through Address Poisoning",
  "type": "story",
  "url": "https://www.coindesk.com/business/2024/05/03/exploiter-steals-68m-worth-of-crypto-through-address-poisoning/"
}
{
  "author": "Oliver Knight",
  "date": "2024-05-03T14:13:48.835Z",
  "description": "A cryptocurrency user has lost $68 million worth of wrapped bitcoin (WBTC) after falling victim to an “address poisoning” exploit, according to blockchain security firm CertiK.",
  "image": "https://cdn.sanity.io/images/s3y3vcno/production/6923046d9a52fac72269f7dd0d26ff84da658711-3240x1823.jpg?auto=format&w=960&h=540&crop=focalpoint&fit=clip&q=75&fm=jpg",
  "logo": null,
  "publisher": "CoinDesk",
  "title": "Exploiter Steals $68M Worth of Crypto Through Address Poisoning",
  "url": "https://www.coindesk.com/business/2024/05/03/exploiter-steals-68m-worth-of-crypto-through-address-poisoning"
}
{
  "url": "https://www.coindesk.com/business/2024/05/03/exploiter-steals-68m-worth-of-crypto-through-address-poisoning",
  "title": "Exploiter Steals $68M Worth of Crypto Through Address Poisoning",
  "description": "The victim was duped by a mimicked 0.05 ether transfer.Updated May 3, 2024, 2:13 p.m. Published May 3, 2024, 2:07 p.m. A user unintentionally sent 1,155 wrapped bitcoin to an exploiter's wallet after being...",
  "links": [
    "https://www.coindesk.com/business/2024/05/03/exploiter-steals-68m-worth-of-crypto-through-address-poisoning",
    "https://www.coindesk.com/business/2024/05/03/exploiter-steals-68m-worth-of-crypto-through-address-poisoning/"
  ],
  "image": "https://cdn.sanity.io/images/s3y3vcno/production/6923046d9a52fac72269f7dd0d26ff84da658711-3240x1823.jpg?auto=format&w=960&h=540&crop=focalpoint&fit=clip&q=75&fm=jpg",
  "content": "<div><h2>The victim was duped by a mimicked 0.05 ether transfer.</h2><p><span>Updated May 3, 2024, 2:13 p.m. </span><span>Published May 3, 2024, 2:07 p.m. </span></p></div><div><ul><li>A user unintentionally sent 1,155 wrapped bitcoin to an exploiter's wallet after being targeted by address poisoning.</li><li>The scam has been confirmed by various blockchain security firms.</li></ul><hr /><p>A cryptocurrency user has lost $68 million worth of wrapped bitcoin (WBTC) after falling victim to an address poisoning exploit, according to <a href=\"https://twitter.com/CertiKAlert/status/1786378165050306774\" target=\"_blank\">blockchain security firm CertiK</a>.</p><p>Address poisoning is a technique that involves tricking the victim into sending a legitimate transaction to the wrong wallet address by mimicking the first and last six characters of the true wallet address and depending on the sender to miss the discrepancy in the intervening characters. Wallet addresses can be as long as 42 characters.</p><p>In this case, the exploiter mimicked a 0.05 ether {{ETH}} transaction before receiving 1,155 WBTC from the victim.</p><p>Security platform <a href=\"https://twitter.com/CyversAlerts/status/1786363410243858869\" target=\"_blank\">Cyvers</a> and blockchain sleuth <a href=\"https://t.me/investigations/114\" target=\"_blank\">ZachXBT</a> confirmed that $68 million had been lost to an address poisoning scam.</p><p>Crypto investors <a target=\"_blank\" href=\"https://www.coindesk.com/tech/2023/12/27/crypto-users-lost-2b-to-hacks-scams-and-exploits-in-2023-defi-says/\">lost $2 billion to hacks</a>, scams and exploits across decentralized finance (DeFi) in 2023 and an additional <a target=\"_blank\" href=\"https://www.coindesk.com/video/crypto-lost-dollar333m-to-hacks-in-q1-of-2024-immunefi/\">$333 million was stolen</a> in the first quarter.</p></div><div><p>More For You</p><div><a target=\"_blank\" href=\"https://www.coindesk.com/research/pudgy-penguins-challenging-the-pokemon-and-disney-legacy-in-the-global-ip-race\"><figure><img alt=\"basic\" srcset=\"https://www.coindesk.com/_next/image?url=https%3A%2F%2Fcdn.sanity.io%2Fimages%2Fs3y3vcno%2Fproduction%2Ff8091d558e9eef2131b4a99142663663b4f7f691-3840x2160.png%3Fauto%3Dformat&amp;w=1920&amp;q=75 1x, https://www.coindesk.com/_next/image?url=https%3A%2F%2Fcdn.sanity.io%2Fimages%2Fs3y3vcno%2Fproduction%2Ff8091d558e9eef2131b4a99142663663b4f7f691-3840x2160.png%3Fauto%3Dformat&amp;w=3840&amp;q=75 2x\" src=\"https://www.coindesk.com/_next/image?url=https%3A%2F%2Fcdn.sanity.io%2Fimages%2Fs3y3vcno%2Fproduction%2Ff8091d558e9eef2131b4a99142663663b4f7f691-3840x2160.png%3Fauto%3Dformat&amp;w=3840&amp;q=75\" /></figure></a><p>CoinDesk Research looks into how Pudgy Penguins disrupts traditional toys market via a phygital model. With 2M+ units sold, they scale via global partnerships and events.</p><div><p>What to know: </p><div><ul><li><strong>Disrupting a Stagnant Market</strong>: Pudgy Penguins is utilizing a \"Negative CAC\" model to challenge the traditional $31.7B licensed toy industry by treating physical merchandise as a profitable user acquisition tool rather than just a final product.</li></ul></div></div><p><a target=\"_blank\" href=\"https://www.coindesk.com/research/pudgy-penguins-challenging-the-pokemon-and-disney-legacy-in-the-global-ip-race\">View Full Report<svg width=\"21\" height=\"21\"></svg></a></p></div></div><div><p>Mais para você</p><div><p>Josh Swihart's Zcash Open Development Lab raises $25 million in seed funding</p><figure><img alt=\"Stacks of 100 dollar bills (Dmytro Glazunov/Unsplash/Modified by CoinDesk)\" srcset=\"https://www.coindesk.com/_next/image?url=https%3A%2F%2Fcdn.sanity.io%2Fimages%2Fs3y3vcno%2Fproduction%2F4639ce873cb414355a63173614affb9983f2b11b-1920x1080.jpg%3Fauto%3Dformat&amp;w=1920&amp;q=75 1x, https://www.coindesk.com/_next/image?url=https%3A%2F%2Fcdn.sanity.io%2Fimages%2Fs3y3vcno%2Fproduction%2F4639ce873cb414355a63173614affb9983f2b11b-1920x1080.jpg%3Fauto%3Dformat&amp;w=3840&amp;q=75 2x\" src=\"https://www.coindesk.com/_next/image?url=https%3A%2F%2Fcdn.sanity.io%2Fimages%2Fs3y3vcno%2Fproduction%2F4639ce873cb414355a63173614affb9983f2b11b-1920x1080.jpg%3Fauto%3Dformat&amp;w=3840&amp;q=75\" /></figure><p>The capital will be used to expand development of the Zcash (ZEC) protocol and its privacy-focused self-custodial mobile wallet, Zodl.</p><div><p>O que saber: </p><div><ul><li>Zcash Open Development Lab (ZODL), a new group formed by the former core team of the Electric Coin Company (ECC), has raised over $25 million in seed funding.</li><li>The lab emerged after the entire ECC engineering and product team resigned in January 2026 following a governance dispute with Bootstrap, the nonprofit board that oversees ECC.</li><li>The funding will be used to expand development of the Zcash protocol and its privacy-focused self-custodial mobile wallet, Zodl (formerly Zashi).</li></ul></div></div><p><a target=\"_blank\" href=\"https://www.coindesk.com/business/2026/03/09/josh-swihart-s-zcash-open-development-lab-raises-usd25-million-in-seed-funding\">Leia a história completa<svg width=\"21\" height=\"21\"></svg></a></p></div></div>",
  "author": "@coindesk",
  "favicon": "https://www.coindesk.com/favicons/production/android-chrome-512x512.png",
  "source": "coindesk.com",
  "published": "2024-05-03T14:07:07.117Z",
  "ttr": 73,
  "type": "newsarticle"
}