A crypto user lost nearly $50 million in USDT to an address poisoning scam after copying a fraudulent wallet address from their transaction history, according to blockchain security firm SlowMist.
The victim transferred 49,999,950 USDT to an attacker-controlled address that closely mimicked their intended destination, with matching first three and last four characters.
The stolen funds were quickly converted to ETH, distributed across multiple wallets, and partially funneled through Tornado Cash mixer.
According to the security details, the victim’s wallet had been active for approximately 2 years and was primarily used for USDT transfers, with the compromised funds withdrawn from Binance shortly before the poisoned transfer.
The incident came up in the midst of a broader security crisis gripping the cryptocurrency industry, which has now lost nearly $90 billion to hacks and exploits since its inception.
November alone saw over $276 million stolen, pushing 2025 losses beyond $9.1 billion, meaning roughly 10% of all historical crypto losses have occurred within the past 12 months.
Mitchell Amador, CEO of Immunefi, warned that the threat landscape is fundamentally shifting.
“The threat landscape is shifting from onchain code vulnerabilities to operational security and treasury-level attacks,” he told Cryptonews. “As code hardens, attackers target the human element.”
Despite 2025 being the worst year for hacks on record, Amador emphasized these losses stem from operational failures rather than smart contract vulnerabilities.
“While 2025 was the worst year for hacks on record, those losses were driven primarily by traditional Web2 infrastructure failures and operational security breakdowns, not onchain code,” he explained.
Americans lost approximately $9.3 billion to crypto investment schemes in 2024, marking a 66% increase from the previous year, according to FBI data.
Pig-butchering scams contributed over $9.9 billion globally, with Chainalysis data showing activity surged nearly 40% in 2024.
U.S. Senators Elissa Slotkin and Jerry Moran introduced the SAFE Crypto Act, which proposes a federal task force to coordinate government agencies, law enforcement, and private-sector experts to combat crypto-related fraud.
The legislation requires authorized stablecoin issuers to maintain technical capabilities to freeze or seize digital assets tied to illegal activity.
Enforcement actions have intensified, with U.S. authorities announcing the largest crypto seizure ever in October, targeting Cambodia-based Prince Holding Group.
Tether also froze nearly $50 million in USDT linked to Southeast Asia pig-butchering rings, while Binance prevented 7.5 million users from losing almost $10 billion to fraud between December 2022 and May 2025.
Beyond sophisticated scams, malware attacks continue draining wallets, with a Singapore entrepreneur losing over $100,000 after downloading malicious software disguised as a game-testing program.
A separate multisignature wallet breach earlier this month resulted in approximately $27.3 million being stolen through private key compromise, with attackers laundering roughly $12.6 million through Tornado Cash.
Amador argued the industry must fundamentally restructure its security approach.
“Securing code isn’t enough if users and operators remain vulnerable,” he said.
“Web3 companies need to invest far more in human-layer security, and this means training teams, tightening operational controls, and directly educating users on how to spot scam messages, recognize social engineering attempts, and protect their assets onchain.”
He noted that 99% of Web3 projects operate without basic firewalls, while fewer than 10% deploy modern AI-driven security tools.
“Most hacks this year haven’t occurred due to poor audits,” Amador explained. “They’ve happened after launch, during protocol upgrades, or through integration vulnerabilities — blind spots that audits alone can’t catch.”
Despite the escalating losses, Amador maintained optimism about onchain code security, predicting that 2026 will be the best year yet for smart contract safety as the industry continues to harden its technical infrastructure.
