The cryptocurrency ecosystem was recently shaken by one of the largest on-chain frauds in recent years. Nearly $50 million worth of USDT belonging to a user was sent to the wrong wallet within seconds through an attack method known as “address poisoning.” This incident not only highlighted an individual error but also brought to the forefront how blockchain architectures and user behaviors can intersect dangerously.
How the Address Poisoning Attack Occurred
At the heart of the incident lies a wallet that has been active for almost two years and is primarily used for USDT transfers. After withdrawing funds from Binance, the user received approximately $50 million in USDT. Believing it to be a secure method, the user first performed a small test transfer. A few minutes later, the main transfer was made, but unknowingly, the user utilized the wrong address.
Before reaching this point, the fraudster had already set up the “address poisoning” attack. A wallet that closely resembled an address the victim frequently used was created, and a minuscule amount of USDT was sent to it, adding to the transaction history. Given that the addresses in the wallet interface appear as long and complex strings, the user inadvertently copied this fake address from the transaction history when intending to transfer funds, resulting in nearly $50 million being moved to the attacker’s wallet with a single click.
The UTXO Model Controversy and Charles Hoskinson’s Perspective
Charles Hoskinson, the founder of Cardano, weighed in on the incident, arguing that such a loss is far more challenging to experience in certain blockchain architectures. He pointed out that the account-based models used by Ethereum and EVM-based networks structurally enable frauds like address poisoning. In this model, addresses are kept as permanent accounts, and wallets often prompt users to copy addresses from previous transactions, a habit targeted by fraudsters.
According to Hoskinson, networks employing the UTXO model, like Bitcoin and Cardano, are more resilient in this aspect. In the UTXO model, each transaction generates new outputs while consuming old ones, eliminating the idea of a permanent “account balance.” Consequently, there is no persistent address history that can be visually poisoned. He emphasizes that this incident is not a protocol flaw or a smart contract error but a hazardous interaction between design and human behavior.
Similar risks have been brought to attention by other reports recently. In the past few weeks, a major wallet provider released a security update to warn users against address copying habits and revamped their address verification screens. These developments underscore the importance of wallet design alongside individual precautions.
