Jameson Lopp, chief security officer of Bitcoin (BTC) custody company Casa, issued an alert on Bitcoin address poisoning attacks, a social engineering scam that uses look-alike addresses in the victim's transaction history to trick them into sending funds to a malicious address.
According to Lopp's February 6 article, the BTC address generated by the threat actor matches the first and last characters of an address in the victim's transaction history. Lopp analyzed the Bitcoin blockchain history for such attacks and found:
“This type of transaction did not appear until block 797570 in 2023, and there were 36 such transactions in the neighborhood. Then all of these transactions were quiet until block 819455 on December 12, 2023, and then we can find regular bursts of these transactions until January 28, 2025, and then 2 hours before starting the start of 2 hours.”
“In the past 18 months, less than 48,000 transactions were sent, matching profiles related to potential address poisoning,” Lopp added.
Example of an address poisoning attack. Source: Jameson Lopp
The executive urged Bitcoin holders to thoroughly check the address before sending funds and called for better wallet interfaces that display addresses more clearly. Lopp's warning highlights the emerging cybersecurity exploits and fraud schemes that plague the industry.
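The check Lopp recommends can be automated before a payment is sent. The following is an added example, not code from Lopp or Casa: it flags a destination whose first and last characters match a previously used address while the middle differs. The addresses, function names and the three-character thresholds are assumptions made for illustration.

```python
# Added example. Addresses are constructed strings (not checksum-valid wallets).
BECH32_PREFIXES = ("bc1q", "bc1p")  # fixed prefixes every segwit address shares

def normalize(addr):
    """Trim whitespace; lowercase bech32 (case-insensitive), keep base58 as is."""
    a = addr.strip()
    return a.lower() if a.lower().startswith("bc1") else a

def payload(addr):
    """Drop the fixed network prefix so it cannot count as a 'match'."""
    a = normalize(addr)
    for p in BECH32_PREFIXES:
        if a.startswith(p):
            return a[len(p):]
    return a[1:] if a[:1] in ("1", "3") else a

def shared_ends(a, b):
    """Count identical leading and trailing characters of two payloads."""
    pa, pb = payload(a), payload(b)
    n = min(len(pa), len(pb))
    head = 0
    while head < n and pa[head] == pb[head]:
        head += 1
    tail = 0
    while tail < n - head and pa[-1 - tail] == pb[-1 - tail]:
        tail += 1
    return head, tail

def check_destination(dest, known, min_head=3, min_tail=3):
    """Classify dest as 'known', 'lookalike' (same ends, different middle) or 'new'.
    The thresholds are assumptions; tune them for your wallet."""
    d = normalize(dest)
    if any(d == normalize(k) for k in known):
        return ("known", d)
    for k in known:
        head, tail = shared_ends(d, k)
        if head >= min_head and tail >= min_tail:
            return ("lookalike", normalize(k))
    return ("new", None)

KNOWN = ["bc1qh5kz" + "a" * 30 + "9t3w"]       # address the user really paid before
POISONED = "bc1qh5kz" + "b" * 30 + "9t3w"      # same first/last 4, different middle
UNRELATED = "bc1q" + "c" * 34 + "zzzz"

if __name__ == "__main__":
    for dest in (KNOWN[0], POISONED, UNRELATED):
        print(dest[:8] + "..." + dest[-4:], check_destination(dest, KNOWN))
```

When run, the known and poisoned addresses print with the same shortened form, which is the display problem the article describes; only the full-string comparison tells them apart.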
Address poisoning scams and exploits cost users billions of dollars
According to a report by cybersecurity company Cyvers, more than $1.2 million was stolen through address poisoning attacks in March 2025. Cyvers CEO Deddy Lavid said these types of attacks cost users $1.8 million in February.
Blockchain security firm PeckShield estimates that total losses from cryptocurrency hacks in Q1 2025 exceeded $1.6 billion, with the Bybit hack accounting for the vast majority of the stolen funds.
The Bybit hack in February caused $1.4 billion in losses, making it the largest cryptocurrency hack in history.
Cybersecurity experts have linked the attacks to North Korean state-affiliated hackers who use complex and evolving social engineering schemes to steal cryptocurrencies and sensitive data from targets.
Common Lazarus Group social engineering scams include fraudulent job offers, Zoom meetings with fake venture capitalists, and phishing scams on social media.