Bitcoin Users Targeted in Address Poisoning Scam: Jameson Lopp Issues Critical Security Warning
In the ever-evolving world of cryptocurrency, even seasoned investors are not immune to deception. Bitcoin holders are now facing a sophisticated threat known as address poisoning, a malicious scam that’s quietly siphoning millions of dollars through wallet lookalike attacks. This tactic has recently gained momentum, prompting a serious warning from Jameson Lopp, Chief Security Officer at the Bitcoin custody firm Casa.
What Is Address Poisoning?
Address poisoning is a social engineering scam where attackers send small transactions from a wallet address that closely mimics one from the victim’s transaction history. The goal? To trick users into copying the wrong address during future transactions, thereby redirecting funds to the scammer.
These lookalike addresses usually match the first and last few characters of the legitimate address, taking advantage of how most wallet interfaces display shortened versions.
“Wallet interfaces need to do a better job of fully displaying and verifying addresses,” said Lopp in a February 6 blog post.
Timeline of the Attacks
Lopp’s blockchain analysis identified that the first major incident occurred on July 7, 2023, in block 797570. After a brief dormancy, another significant wave was seen on December 12, 2023 (block 819455). From there, the activity continued to escalate:
- As of block 881172 (Jan 28, 2025), nearly 48,000 suspicious transactions had been identified.
- The scam briefly paused in early 2025 but appears to have resumed in recent weeks.
Scale of the Losses
According to Cyvers, a cybersecurity firm monitoring blockchain fraud:
- February 2025: $1.8 million lost to address poisoning
- March 2025: An additional $1.2 million stolen
Cyvers CEO Deddy Lavid called it a “growing threat” that specifically targets individuals over institutions.
The Broader Context: A Surge in Crypto Hacks
Address poisoning is just one piece of a much larger puzzle. PeckShield, a blockchain security firm, estimates that over $1.6 billion was stolen in Q1 2025 through various crypto-related hacks.
The most notable incident? The Bybit breach, where hackers executed the largest theft in crypto history, stealing $1.4 billion.
Analysts attribute many of these attacks to state-sponsored groups like North Korea’s Lazarus Group, known for using fake job interviews, phishing emails, and now sophisticated address scams to drain wallets.
Why Wallet Interfaces Are Failing Users
One of the root issues, as Lopp suggests, is the design of wallet interfaces. Most crypto wallets abbreviate addresses, displaying only the beginning and end. This makes them vulnerable to manipulation, as users may only verify partial characters before confirming a transfer.
Wallet developers must begin to:
- Show full addresses by default
- Use bold or color-coded address mismatches
- Alert users when an address doesn’t match any in the whitelist or history
Until these improvements are universal, the responsibility largely falls on users.
How to Protect Yourself from Address Poisoning
To reduce your risk of falling victim to this growing scam, follow these crypto safety tips:
- Always verify the full wallet address before sending funds.
- Avoid copy-pasting from recent transactions—manually type or use QR codes.
- Use wallet address whitelisting features where available.
- Double-check recipient addresses on a separate screen or device.
- Update wallets and browser extensions regularly.
- Be skeptical of unsolicited small incoming transactions.
Security Experts Sound the Alarm
Jameson Lopp’s expertise and longstanding presence in the Bitcoin community add significant weight to this warning. With tens of thousands of transactions already flagged, and millions drained from unsuspecting users, the scam shows no signs of stopping.
“This isn’t just a bug in the system—it’s an exploitation of human behavior and UI weaknesses,” says Lopp.
The time to act is now. Both developers and users must work together to make crypto safer.
Final Thoughts
Address poisoning scams underscore a harsh reality: even in a trustless blockchain ecosystem, user error remains a major vulnerability. As scams become more elaborate, so too must our vigilance and security tools.
Crypto offers revolutionary financial freedom—but that freedom comes with personal responsibility. Stay alert, stay informed, and stay protected.
Frequently Asked Questions (FAQs)
1. What is a Bitcoin address poisoning scam?
A Bitcoin address poisoning scam involves sending small amounts of crypto from a wallet with a similar-looking address to trick victims into mistakenly sending future transactions to the scammer’s address.
2. How can I avoid falling victim to address poisoning?
Double-check the entire wallet address before sending funds, avoid copy-pasting from history, and consider using address whitelisting features.
3. Is address poisoning a new scam?
It first appeared in July 2023 and has been resurging, especially since December 2023.
4. How much has been stolen so far?
According to Cyvers, nearly $3 million has been stolen in early 2025 alone from address poisoning scams.
5. Why are wallet interfaces part of the problem?
Many wallet apps abbreviate addresses, showing only the beginning and end—making it easier for lookalike addresses to deceive users.
6. What should wallet developers do?
Developers should build better UI/UX protections, such as full address views, color-coding, and alert systems for suspicious addresses.
7. Who is Jameson Lopp?
Jameson Lopp is the Chief Security Officer at Casa and a respected voice in Bitcoin security.
8. Is this related to other crypto hacks?
Yes. While address poisoning is distinct, it’s part of a broader surge in crypto scams including the $1.4 billion Bybit hack.
9. Are state-backed hackers involved?
Some experts believe North Korea’s Lazarus Group could be connected to multiple high-value attacks, though direct links to address poisoning are still being investigated.
10. What happens if I fall victim to this scam?
Unfortunately, Bitcoin transactions are irreversible. Once sent to the wrong address, recovery is highly unlikely.
Disclaimer: This article is for educational and informational purposes only. It does not constitute financial advice or an offer to invest. Cryptocurrency investments carry risks. Always conduct your own research and consult with a licensed financial advisor before making any investment decisions.
