Emerging Address Poisoning Attack on Bitcoin Blockchain, Casa Executive Warns
Jameson Lopp, co-founder and chief security officer of Bitcoin storage firm Casa, has warned against rising Bitcoin address “poisoning” attacks.
In a Sunday blog post, Lopp cautioned Bitcoin holders, stressing the recent surge in attacks, where attackers mimic wallet addresses. An 18‑month blockchain study recorded nearly 48,000 suspicious transactions he wrote, adding that some victims have lost significant funds.
Lopp also emphasized that such attacks are “only economically feasible during low-fee environments.” This means that the low fees in Bitcoin’s blockchain fuel such scams.
Attackers Use Victim’s Transaction History for “Poisoning”
According to Lopp’s findings, Bitcoin poisoning attack is similar to social engineering, where the attacker generates a Bitcoin address akin to the victim’s recently used addresses.
The attackers use brute force or trial and error in an attempt to guess or crack private keys. The perpetrator then deposits a small amount of crypto into that address.
“Then they ‘poison’ the target’s transaction history by sending the funds from this similar-looking address to the victim’s address.”
Victims may unknowingly copy a previously used address from their transaction history without realizing it’s the attacker’s spoofed address.
In January, pseudonymous Bitcoin developer Mononaut flagged “address poisoning dust attack,” cautioning users not to copy addresses from your transaction history.
According to Lopp, the first such transactions did not appear until July 7, 2023, which recorded 36 such transactions on block 797570.
“Then, all was quiet until block 819455, December 12, 2023, after which we can find regular bursts of these transactions up until block 881172, January 28, 2025, then there was a 2-month break before they started up again.”
Attack Has No Specific Pattern
Further, Lopp highlighted that it is hard to see a specific pattern in the poisoning attack. “I suspect the attackers were only looking at addresses with recent activity in the past year or so.”
However, surprisingly, more than 12,000 targeted addresses had never spent funds. Additionally, most targeted addresses had fewer than 10 deposits.
It was clear that the attackers generally ignored addresses with balances under 1 BTC, he added.
Lopp cautioned Bitcoin holders to avoid relying on memory or recent transactions.
“Don’t trust addresses just because they appear in your transaction history – even from deposits,” he wrote. “Don’t reuse addresses, period! This remains a Bitcoin best practice for a multitude of reasons.”
The post Emerging Address Poisoning Attack on Bitcoin Blockchain, Casa Executive Warns appeared first on Cryptonews.
Read More
Ethereum Tanks Nearly 50% As Bitcoin Holds Stronger In Q1
Polymarket Bettors’ Recession Odds Surge Over 50% Amid Brutal 2 Day Market Decline
Emerging Address Poisoning Attack on Bitcoin Blockchain, Casa Executive Warns
Jameson Lopp, co-founder and chief security officer of Bitcoin storage firm Casa, has warned against rising Bitcoin address “poisoning” attacks.
In a Sunday blog post, Lopp cautioned Bitcoin holders, stressing the recent surge in attacks, where attackers mimic wallet addresses. An 18‑month blockchain study recorded nearly 48,000 suspicious transactions he wrote, adding that some victims have lost significant funds.
Lopp also emphasized that such attacks are “only economically feasible during low-fee environments.” This means that the low fees in Bitcoin’s blockchain fuel such scams.
Attackers Use Victim’s Transaction History for “Poisoning”
According to Lopp’s findings, Bitcoin poisoning attack is similar to social engineering, where the attacker generates a Bitcoin address akin to the victim’s recently used addresses.
The attackers use brute force or trial and error in an attempt to guess or crack private keys. The perpetrator then deposits a small amount of crypto into that address.
“Then they ‘poison’ the target’s transaction history by sending the funds from this similar-looking address to the victim’s address.”
Victims may unknowingly copy a previously used address from their transaction history without realizing it’s the attacker’s spoofed address.
In January, pseudonymous Bitcoin developer Mononaut flagged “address poisoning dust attack,” cautioning users not to copy addresses from your transaction history.
According to Lopp, the first such transactions did not appear until July 7, 2023, which recorded 36 such transactions on block 797570.
“Then, all was quiet until block 819455, December 12, 2023, after which we can find regular bursts of these transactions up until block 881172, January 28, 2025, then there was a 2-month break before they started up again.”
Attack Has No Specific Pattern
Further, Lopp highlighted that it is hard to see a specific pattern in the poisoning attack. “I suspect the attackers were only looking at addresses with recent activity in the past year or so.”
However, surprisingly, more than 12,000 targeted addresses had never spent funds. Additionally, most targeted addresses had fewer than 10 deposits.
It was clear that the attackers generally ignored addresses with balances under 1 BTC, he added.
Lopp cautioned Bitcoin holders to avoid relying on memory or recent transactions.
“Don’t trust addresses just because they appear in your transaction history – even from deposits,” he wrote. “Don’t reuse addresses, period! This remains a Bitcoin best practice for a multitude of reasons.”
The post Emerging Address Poisoning Attack on Bitcoin Blockchain, Casa Executive Warns appeared first on Cryptonews.
Read More
Ethereum Tanks Nearly 50% As Bitcoin Holds Stronger In Q1