An Ethereum user lost 4,556 ETH, worth $12.4M, after copying a poisoned address that mimicked a Galaxy Digital deposit wallet.
An Ethereum user has lost 4,556 ETH, valued at about $12.4 million, after sending funds to a fake address.
The transfer occurred after the user copied an address from transaction history, believing it belonged to Galaxy Digital.
Blockchain data shows the loss resulted from an address poisoning tactic rather than a protocol failure.
How the Address Poisoning Took Place
According to Lookonchain, the affected wallet, identified as 0xd674, had a history of sending funds to Galaxy Digital and regularly used the same deposit address, making its transaction pattern easy to observe on-chain.
An attacker created a lookalike Ethereum address with the same first and last four characters.
This method is known as address poisoning. The attacker then sent small dust transactions to the victim’s wallet.
These dust transfers appeared in the victim’s transaction history. When the user later copied an address from that history, the wrong address was selected.
The copied address belonged to the attacker, not Galaxy Digital.
The Transfer That Led to the Loss
About 11 hours before the loss was identified, the victim attempted another Ethereum deposit.
The user copied the address directly from past transactions. The action was intended to save time.
Instead, the copied address was the attacker’s poisoned address. Once confirmed on the network, the transaction became final. A total of 4,556 ETH was sent in a single transfer.
Blockchain records show the funds moved directly to the attacker’s wallet. There was no contract interaction or system error. The transaction followed standard Ethereum rules.
Why Address Poisoning Is Hard to Detect
Ethereum addresses are long and difficult to read. Many users check only the first and last characters. Attackers exploit this habit when creating fake addresses.
Transaction history often appears trustworthy. However, it can include unsolicited transfers from unknown sources.
These entries can mislead users who copy addresses without full verification.
Security tools can reduce risk, but user behavior remains critical. Hardware wallets, address books, and manual checks can help. Still, mistakes can happen during routine actions.
Ongoing Risks for Crypto Users
Address poisoning has increased as on-chain activity grows. Public transaction data allows attackers to study wallet behavior. Repeated transfers to the same address can increase exposure.
Exchanges and custodians often publish deposit addresses. Users may reuse these addresses for convenience. This practice can create predictable patterns visible to attackers.
The incident shows how small actions can carry large financial consequences. Ethereum transactions are irreversible once confirmed. The network processes instructions exactly as submitted.
Related Reading: ETH Holds $2,680 After Liquidation Flush-Key Levels Traders Are Watching
Broader Context of User Security
The Ethereum network functioned as designed during the transfer. There was no breach of Galaxy Digital systems. The loss occurred at the user level.
Security experts continue to warn against copying addresses from transaction history. Verifying the full address before sending remains essential. Bookmarking trusted addresses can also help.
As on-chain activity expands, similar cases continue to appear. The incident involving wallet 0xd674 adds to growing awareness of address poisoning risks.
Source: https://www.livebitcoinnews.com/12-4m-gone-ethereum-whale-tricked-by-fake-galaxy-address/
