- Cybersecurity experts have identified a new “address poisoning attack” targeting Bitcoin users who regularly reuse wallet addresses.
- Attackers create vanity addresses with identical starting and ending characters as victims’ wallets, then send small “dust” transactions to trick users during copy-paste.
- The attack costs less than $1 per attempt and can be prevented by verifying entire addresses and avoiding address reuse.
Cybersecurity researchers have uncovered a sophisticated new theft technique targeting Bitcoin users who regularly send funds to the same address. The “address poisoning attack,” detailed by Jameson Lopp in his recent MIT Bitcoin Club Expo presentation, allows criminals to steal Bitcoin without direct communication with victims, primarily affecting dollar-cost-average (DCA) savers and merchants.
This attack, first identified by Mononaut, exploits how users interact with their wallet interfaces when copying addresses from transaction histories. By manipulating these common behaviors, attackers can redirect funds without needing to hack systems or directly contact targets.
How the Bitcoin Address Poisoning Attack Works
The attack follows a specific pattern: first, criminals identify victims who consistently send Bitcoin to the same address over time. Next, they create a “vanity address” with identical beginning and ending characters as the victim’s legitimate address. They then send a minimal “dust” transaction to the victim using this spoofed address.
When victims later open their wallet to make a routine transaction, they typically copy an address from their recent transaction history. If they only verify the first and last few characters—a common practice—they unwittingly send their Bitcoin directly to the attacker’s wallet.
Low Cost, High Impact Targeting
According to Mononaut, the attack costs approximately 60 cents per attempt, with one attacker targeting an estimated 1,400 potential victims. The expense comes from the necessary on-chain transaction and the small amount of Bitcoin used as “dust” to place the fake address in victims’ transaction histories.
Security experts recommend three primary defenses: verify addresses character-by-character before sending funds, avoid address reuse by generating new addresses for each transaction, and never trust addresses copied from transaction history without thorough verification.
The attack’s elegance lies in its simplicity—attackers never need to communicate with victims, instead relying on predictable user behaviors when managing cryptocurrency transactions. Sadly, reports indicate some Bitcoin users have already fallen victim to this technique, sending their funds to these cleverly disguised spoofed addresses.
For Bitcoin users concerned about security, implementing these verification steps can provide significant protection against this increasingly common threat.
✅ Follow BITNEWSBOT on Telegram, Facebook, LinkedIn, X.com, and Google News for instant updates.
Previous Articles:
- Bitcoin Plummets as Trump’s Tariff War Erases Post-Election Gains
- Crypto Markets Tumble: CoinDesk 20 Index Plunges 13.5% In Weekend Selloff
- ZKasino scammer loses $27M in liquidation: Crypto karma strikes back
- SEC Issues Guidance: Certain Stablecoins Not Classed as Securities
- Montenegro Car Rental Firm Sitngo First to Accept Crypto Payments
