A crypto trader just lost almost $50 million in USDT, and it all happened in less than one hour.
This wasn’t a hack.
There was no broken code.
It was a simple mistake — and scammers were waiting for it.
On December 20, 2025, the trader sent 49,999,950 USDT to the wrong address. The address looked real. It came straight from the wallet’s transaction history. But it was fake.
This type of scam is called address poisoning.
Here’s how it happened.
The trader had just withdrawn nearly $50 million from Binance. Like many careful users, they first sent a small test transfer — just 50 USDT — to make sure everything worked.
So far, so good.
But within minutes, scammers jumped into action.
They sent a tiny dust transaction of 0.005 USDT to the trader’s wallet. This fake transaction created a spoofed address that showed up in the wallet’s recent activity.
The fake address looked almost identical to the real one.
Same first three characters.
Same last four characters.
To the human eye, it looked safe.
When the trader came back to send the full amount, they copied the address from their recent transactions — not realizing it was the scammer’s address.
And just like that, $50 million was gone.
Blockchain monitoring firm SlowMist reported that the stolen USDT was quickly converted into Ethereum, split across many wallets, and partly washed through Tornado Cash. The entire process was fast and precise.
This wasn’t random.
On-chain data shows the attackers were watching whale wallets, waiting for large moves. The victim’s wallet had been active for about two years and mostly used for USDT transfers — making it a perfect target.
After the theft, the victim sent an on-chain message to the attacker.
They demanded 98% of the funds back within 48 hours.
They also offered $1 million as a white-hat bounty — while warning that legal action and international law enforcement were already being prepared.
Whether the funds will be returned remains unknown.
But this single case is only a small part of a much bigger problem.
In 2025 alone, address poisoning scams have caused an estimated $3.4 billion in losses.
More than 158,000 wallets have been affected.
Over 80,000 people became victims.
Just in September 2025, researchers recorded 32,290 poisoning attempts, hitting 6,516 unique users across different blockchains.
Across Ethereum and Binance Smart Chain, experts have tracked over 270 million poisoning attempts.
Confirmed losses directly tied to this scam method now exceed $83.8 million, not counting major headline cases like this one.
The pattern is clear.
Scammers watch the blockchain.
They wait for big transfers.
They inject fake addresses at the perfect moment.
And they rely on one thing — human habit.
This story is a reminder that in crypto, even one small shortcut can cost everything.
