A Bitcoin security expert is warning that "address poisoning" attacks are on the rise on the blockchain, as low transaction fees allow threat actors to target a large number of addresses at a relatively low cost.
In an address poisoning attack, an attacker sends its target a transaction from a newly-generated wallet whose first and last characters match the target wallet, or a wallet the target has recently interacted with. The next time the target wants to send money to that wallet, they might mistakenly copy the lookalike address from their transaction history and send money directly to the hacker instead of their intended recipient.
Jameson Lopp, co-founder and chief security officer of Bitcoin secure storage firm Casa, conducted an analysis of address poisoning attacks on Bitcoin, scanning the entire blockchain and identifying 48,000 suspected attacks since 2023. Lopp identified transactions with one input and one output consisting of two different wallets with the same first four and last four characters, a strong signal of an address poisoning attack.
Lopp identified at least one likely successful attack, in which a victim sent 0.1 BTC to a malicious address, then 12 hours later, sent .1 BTC to an address that was probably the intended target. "That one successful trickery could have easily resulted in a much higher ROI because the address from which the funds were spent held nearly 8 BTC," Lopp noted in his analysis.
While the odds of one attack succeeding are relatively low, low transaction fees enable thousands of attacks to be carried out in a relatively short period. Average Bitcoin transaction fees have been relatively low since July 2024, according to The Block's data.
"[The attacks are] a result of the fact that we're in a very low-fee environment," Lopp said when presenting his findings at the MIT Bitcoin Expo. "If we had [high] fees going on, I think that would greatly disincentivize people from doing a lot of these dusting attacks, unless they figured out other ways to increase their attack success rate."
Address poisoning attacks are known to target wallets on other blockchains; in May 2024, an Ethereum user lost $71 million to an attack, though it was later recovered following negotiations. A similar strategy was identified as part of the hack of Japanese crypto exchange DMM Bitcoin.
Lopp said wallet software developers could implement warnings for users that could mitigate the risks from address poisoning attacks. "I think it would be easy for wallets to say 'Oh, this came from a similar looking address,' and throw up a big red flag: do not interact," Lopp said.
Disclaimer: The Block is an independent media outlet that delivers news, research, and data. As of November 2023, Foresight Ventures is a majority investor of The Block. Foresight Ventures invests in other companies in the crypto space. Crypto exchange Bitget is an anchor LP for Foresight Ventures. The Block continues to operate independently to deliver objective, impactful, and timely information about the crypto industry. Here are our current financial disclosures.
© 2025 The Block. All Rights Reserved. This article is provided for informational purposes only. It is not offered or intended to be used as legal, tax, investment, financial, or other advice.
免责声明:本文章仅代表作者个人观点,不代表本平台的立场和观点。本文章仅供信息分享,不构成对任何人的任何投资建议。用户与作者之间的任何争议,与本平台无关。如网页中刊载的文章或图片涉及侵权,请提供相关的权利证明和身份证明发送邮件到support@aicoin.com,本平台相关工作人员将会进行核查。
