Jameson LOPP, the Director of Security of the Bitcoin Society (BTC) Casa, sounded the alarm on the poisoning attacks of the Bitcoin address, a social engineering scam which uses similar addresses of the transactions history of a victim to deceive them in sending funds to the malicious address.
According to the article of February 6 of LOPP, the actors of the threat generate BTC addresses which correspond to the first and the last figures of the addresses of the history of transactions of the victim. LOPP analyzed the story of Bitcoin blockchain for this type of attack and found:
“The first transactions did not appear before the 797570 block on July 7, 2023, which had 36 transactions of this type. Then, everything was silent until the 819455 block, on December 12, 2023, after which we can find regular flashes of these transactions until they start again.”
“During these 18 months, just under 48,000 transactions were sent which correspond to this poisoning profile at the potential address,” added LOPP.
Example of a poisoned address attack. Source: JLOVES LOPP
The executive urged Bitcoin holders to carefully check the addresses before sending funds and called for better wallet interfaces that fully display the addresses. LOPP’s warning highlights cybersecurity exploits and emerging fraudulent regimes that afflict industry.
In relation: Crypto feat, scam losses fall to $ 28.8 million in March after February Spike
Sociations and poisoning exploits of the address require billions of stolen user funds
According to the cybersecurity company Cyvers, more than 1.2 million dollars were stolen by address poisoning attacks in March 2025. CEO of Cyvers Deddy Lavid said that these types of attacks cost $ 1.8 million in February.
The blockchain security company, Peckshield, estimates that the total amount lost against cryptographic hacks in the first quarter of 2025 exceeding $ 1.6 billion, the hacking of appeals representing the vast majority of stolen funds.
Bybit’s hacking in February was responsible for $ 1.4 billion in losses and represents the largest cryptography hacking in history.
Cybersecurity experts have linked attacks to the North Korean pirates affiliated with the State that use complex and scalable social engineering schemes to steal cryptocurrencies and sensitive target data.
The social engineering scams of the Lazarus group include fraudulent job offers, zoom meetings with false venture capital and phishing scams on social networks.
Review: 2 Listeners are missing $ 27 million FLAW dollars, Bogue of Pythia “awards”: Crypto-Sec of Pythie
