Binance co-founder Changpeng Zhao called for industry-wide measures to eliminate address poisoning scams.
The proposal followed a December 20 incident where a trader lost $50 million USDT after copying a fraudulent address from transaction history.
Zhao outlined three measures: automatic wallet checks for poison addresses, real-time blacklist sharing, and filtering spam transactions.
Binance Wallet already implements such warnings.
What Happened
The victim first sent a 50 USDT test transaction on December 20.
Twenty-six minutes later, they transferred 49,999,950 USDT to what appeared to be the same address.
The destination was a scammer-controlled address matching the first five and last four characters of the legitimate address.
The malicious address exploited how wallets shorten addresses with ellipses, differing only in middle characters.
The attacker converted stolen USDT to DAI, then to roughly 16,690 ETH before depositing into Tornado Cash (TORN).
The victim offered a $1 million on-chain bounty for return.
Read also: Crypto M&A Activity Hits Record $8.6B Across 267 Deals In 2025
Why It Matters
Phishing attacks represented the most costly crypto threat in 2024.
CertiK reported attackers stole over $1 billion across 296 phishing incidents.
Address poisoning accounted for more than 10% of wallet drains in 2025.
The scam exploits users verifying only beginning and ending characters of wallet addresses.
One May 2024 victim lost $68 million worth of wrapped bitcoin but recovered funds after the attacker returned them following investigator pressure.
Cryptocurrency theft reached $3.4 billion in 2025, making prevention critical.
Read next: Bitcoin Whale Deposits Drop 51% On Binance As Large Holders Reduce Transfers