A trader whose identity remains unknown suffered a massive loss of $68 million in Wrapped Bitcoin (WBTC) due to an address-poisoning scam. The incident came to light when on-chain security firm Cyvers disclosed the theft in a post on May 3. The victim, known as wallet “0x1E,” lost more than 97% of its total assets, equivalent to approximately $67.8 million, according to CoinStats.
Address poisoning, also referred to as address spoofing, takes advantage of traders’ negligence and haste during transactions. Scammers deceive victims into sending their digital assets to fraudulent addresses owned by the criminals.
The crypto industry continues to be plagued by scams, eroding trust among mainstream investors. In April, investors experienced losses of at least $33 million in the ZKasino gambling platform fraud case. Dutch authorities apprehended a suspect connected to the ZKasino scam on April 29 and seized $12.2 million.
Despite the ZKasino incident, the total losses from scams and hacks in April amounted to only $25.7 million, the lowest figure recorded since 2021 when CertiK, an on-chain intelligence firm, began tracking such data. The report indicates a 141% decrease in losses compared to the previous month, mainly attributed to a reduced number of private key compromises. In April, only three private key leaks occurred, whereas March witnessed over 11 attacks through private key compromises.
It is worth noting that CertiK’s figures do not include the $33 million ZKasino scam. Although the report acknowledges the controversy surrounding the project, it has not yet classified it as a scam. Investor concerns intensified when ZKasino transferred all 10,515 Ether (ETH) deposited by investors to the Lido staking protocol on April 22. CertiK stated that it would update its data if ZKasino was confirmed to be a malicious actor.
In a separate incident, the Lazarus Group has laundered more than $200 million in hacked cryptocurrencies since 2020.