Trader loses $50M in address poisoning attack

A cryptocurrency trader has lost nearly $50 million in USDT after falling victim to an address poisoning attack, BeInCrypto reported. The scam involved an attacker inserting a spoofed address with similar starting and ending characters into the trader's transaction history following a small test transfer of $50. The victim then copied the fraudulent address and mistakenly sent $49,999,950 to the attacker. The stolen USDT was immediately swapped for 16,680 ETH and transferred to the privacy mixer Tornado Cash. The victim has since offered a $1 million white-hat bounty for the return of the assets and has warned of legal action. Address poisoning is a scam where attackers use vanity address generators to create wallet addresses that mimic the first and last few characters of a user's actual address, tricking them into sending funds to the wrong destination.