A cryptocurrency trader lost over $12 million worth of Ethereum ($ETH) After accidentally transferring funds to a fraudulent wallet address, blockchain data suggests a successful address poisoning attack.
On-chain records indicate that the victim address, identified as 0xd674, had an established pattern of transferring large amounts of data. $ETH According to an insight shared by , it will be sent to your Galaxy Digital deposit wallet. look on chain January 31st.
Victim (0xd674) lost 4556 $ETH($12.4 million) Due to a copy-and-paste error in the address.
Victim 0xd674 frequently transfers funds to Galaxy Digital.
0x6D90CC…dD2E48.The attacker generated a poisoned address with the same first and last four characters as Galaxy Digital’s deposit address… pic.twitter.com/oXI3exESzE
— Lookonchain (@lookonchain) January 31, 2026
This repeated behavior appears to have been exploited by an attacker who generated a malicious address designed to closely resemble Galaxy Digital’s legitimate deposit address and match the same starting and ending characters.
Transaction history shows that the attacker repeatedly sent small transfers to the victim’s wallet over time.
To this end, dust transactions caused tainted addresses to appear alongside legitimate destinations in a wallet’s recent activity, increasing the likelihood of disruption during future transfers.
Approximately 11 hours before the loss was detected, the trader initiated another Ethereum transfer targeted to Galaxy Digital.
Address verification failed
Instead of manually checking the destination, the address was copied directly from your transaction history. As a result, 4,556 $ETHfunds worth approximately $12.4 million at the time of the transaction were sent to wallets controlled by the attackers.
Notably, this transfer was performed in a single outgoing transaction, funds were immediately exited from the victim’s wallet, and no subsequent modification transactions were recorded.
The poisoned address successfully received Ethereum, but consistent with the irreversible nature of blockchain payments, there is no indication of recovery efforts or reversal of funds.
Overall, this incident highlights the growing prevalence of address poisoning attacks, where malicious actors exploit the visual similarity of wallet addresses rather than vulnerabilities in smart contracts or protocols.
Such attacks rely on user error rather than technical exploitation, making even experienced traders vulnerable when processing high-value transfers.
Featured image via Shutterstock
