Jameson Lopp, the co-founder and chief security officer of Bitcoin storage firm Casa, recently issued a warning about the increasing threat of Bitcoin address poisoning attacks. These attacks have been on the rise, with attackers mimicking wallet addresses to deceive users and steal funds. Lopp highlighted the surge in such attacks, citing a study that identified nearly 48,000 suspicious transactions over an 18-month period, resulting in significant losses for some victims.
One key point emphasized by Lopp is that these attacks are most prevalent during low-fee environments. The low fees on Bitcoin’s blockchain make it economically feasible for scammers to carry out these malicious activities.
The modus operandi of a Bitcoin poisoning attack is similar to social engineering tactics. Attackers create a fake Bitcoin address that closely resembles one of the victim’s recent addresses. By depositing a small amount of cryptocurrency into this fake address, the attacker then “poisons” the victim’s transaction history by transferring the funds to the victim’s legitimate address. This tactic can easily deceive users who may unknowingly copy a spoofed address from their transaction history.
In a recent incident in January, a Bitcoin developer known as Mononaut warned about an “address poisoning dust attack” and advised users not to copy addresses from their transaction history to avoid falling victim to such scams.
Lopp’s research revealed that the first instances of these attacks occurred in July 2023, with sporadic bursts of malicious transactions continuing until January 2025. Despite the lack of a specific pattern in these attacks, it was observed that attackers primarily targeted addresses with recent activity over the past year, disregarding addresses with minimal deposits or balances under 1 BTC.
To protect themselves from falling prey to these attacks, Lopp urged Bitcoin holders to avoid relying on memory or recent transactions. He advised against reusing addresses and stressed the importance of following best practices to safeguard against such threats.
As the threat of address poisoning attacks continues to loom over the Bitcoin community, vigilance and adherence to security protocols are crucial. By staying informed and adopting safe practices, users can mitigate the risk of falling victim to these malicious schemes.