Rabat – A recent surge in activity on the Ethereum network is being linked in part to address poisoning attacks that have become cheaper to carry out following a sharp drop in transaction fees, according to security researcher Andrey Sergeenkov.
Ethereum has recorded a notable increase in daily transactions and active addresses in recent weeks, with network data showing activity levels approaching record highs.
Reports indicate that address retention climbed to nearly eight million within a month, while daily transactions rose to close to 2.9 million. At first glance, the figures appeared to point to renewed organic growth across the network.
However, Sergeenkov said a portion of this increase is likely driven by large-scale spam campaigns rather than genuine user activity.
In comments shared this week, he pointed to address poisoning attacks, a tactic that involves sending tiny transactions to a large number of wallets from addresses designed to closely resemble legitimate ones.
The goal of these attacks is to exploit user behavior. When wallet holders later copy an address from their transaction history, they may mistakenly select the attacker’s look-alike address and send funds to the wrong destination.
The transactions themselves are small and often go unnoticed, but the cumulative effect can be significant.
Sergeenkov noted that the cost of running these campaigns has dropped substantially since Ethereum’s Fusaka upgrade in December.
Read also: Bitcoin Slides 3% as US-EU Tensions Trigger $864 Million in Crypto Liquidations
The upgrade reduced network fees by more than 60% in the weeks that followed, making it far cheaper to send large volumes of transactions.
He said the lower costs have made address poisoning disproportionately attractive for attackers.
According to his analysis, the week starting January 12 alone saw roughly 2.7 million new addresses created on the network, about 170% above typical levels. During the same period, daily transactions consistently exceeded 2.5 million.
By examining wallets that received less than $1 as their first stablecoin transaction and filtering for addresses that sent transactions to more than 10,000 recipients, Sergeenkov identified clusters associated with dusting campaigns.
Some of the most active distributor wallets sent small transfers to more than 400,000 addresses. To date, more than $740,000 has been stolen from at least 116 victims using this method.
The findings highlight a growing challenge for Ethereum as improvements in efficiency lower barriers for both legitimate users and bad actors.
Sergeenkov said the episode shows why transaction counts alone are not a reliable measure of healthy network adoption and stressed the importance of stronger wallet-level protections and clearer warnings for users.
Ethereum co-founder Vitalik Buterin recently said on X that the network is entering a new phase focused on user autonomy and improved experience, arguing that restoring self-sovereignty and trustlessness is becoming a central priority as the ecosystem continues to scale.
Read more on Morocco World News
