A cryptocurrency user has fallen victim to an address poisoning attack, resulting in the loss of $69 million. The scammer tricked the user into sending 1,155 wrapped bitcoins (WBTC) to an incorrect address. This attack method involves mimicking the first and last six characters of a legitimate address, banking on the victim not noticing the discrepancies in the middle characters. The exploit was confirmed by leading Web3 security firms CertiK, Cyvers, and crypto investigator ZackXBT.
This incident follows last month's $45 million exploit of Hedgey Finance and comes amidst increased security measures by Web3 companies. In 2023, the decentralized finance (DeFi) sector lost $2 billion to hacks, scams, and exploits. Despite a lower figure projected for this year, the industry has already reported losses of $333 million in the first quarter.
The recent scam underscores the urgency for enhanced security in the Web3 space. Earlier this week, Resonance Security, a cybersecurity firm for both Web2 and Web3, secured $1.5 million in pre-seed funding from Arca, Fabric VC, and Blockchain Founders Fund, highlighting the industry's commitment to raising security levels.