A cryptocurrency trader has lost more than $12 million worth of Ethereum ($ETH) after mistakenly sending funds to a fraudulent wallet address, in what blockchain data suggests was a successful address-poisoning attack.
On-chain records show the victim address, identified as 0xd674, had an established pattern of transferring large sums of $ETH to a Galaxy Digital deposit wallet, according to insights shared by Lookonchain on January 31.
A victim (0xd674) lost 4556 $ETH($12.4M) due to a copy-paste address mistake.
Victim 0xd674 frequently transfers funds to Galaxy Digital via
0x6D90CC…dD2E48.The attacker generated a poison address with the same first and last 4 characters as Galaxy Digital’s deposit address… pic.twitter.com/oXI3exESzE
— Lookonchain (@lookonchain) January 31, 2026
This repeated behavior appears to have been exploited by an attacker who generated a malicious address designed to closely resemble Galaxy Digital’s legitimate deposit address, matching the same opening and closing characters.
Transaction history indicates the attacker repeatedly sent small-value transfers to the victim’s wallet over time.
To this end, the dust transactions caused the poisoned address to appear alongside legitimate destinations in the wallet’s recent activity, increasing the likelihood of confusion during future transfers.
Approximately 11 hours before the loss was detected, the trader initiated another Ethereum transfer intended for Galaxy Digital.
Failure to verify address
Instead of manually verifying the destination, the address was copied directly from the transaction history. As a result, 4,556 $ETH, valued at around $12.4 million at the time of the transaction, was sent to the attacker-controlled wallet.
Notably, the transfer was executed in a single outbound transaction, with the funds leaving the victim’s wallet immediately and no subsequent corrective transactions recorded.
The poisoned address successfully received the Ethereum, and there has been no indication of recovery efforts or fund reversal, consistent with the irreversible nature of blockchain settlements.
Overall, the incident highlights the growing prevalence of address-poisoning attacks, where malicious actors exploit visual similarities in wallet addresses rather than vulnerabilities in smart contracts or protocols.
Such attacks rely on user error rather than technical exploits, making even experienced traders vulnerable when handling high-value transfers.
Featured image via Shutterstock