Jameson Lopp, co-founder and chief security officer of Casa, has raised alarms about an increase in Bitcoin address “poisoning” attacks. In a recent blog post, Lopp warned Bitcoin holders about the surge in these attacks, where scammers mimic wallet addresses. An 18-month study noted nearly 48,000 suspicious transactions, with victims losing significant funds. Lopp pointed out that such attacks thrive during low-fee environments on Bitcoin’s blockchain.
In these attacks, scammers create a Bitcoin address resembling one the victim recently used, attempting to guess or crack private keys. They then deposit a small amount into this address and “poison” the transaction history by sending funds back to the victim’s address. This tactic can lead victims to mistakenly use the spoofed address.
Bitcoin developer Mononaut also highlighted these risks in January, cautioning users against copying addresses from transaction histories. Lopp noted the first such transaction occurred on July 7, 2023, and these attacks have been sporadic but persistent since then.
Lopp observed that attackers show no specific pattern, often targeting recently active addresses, though some had never spent funds. Most targeted addresses had fewer than 10 deposits, and attackers generally ignored addresses with less than 1 BTC. Lopp advised Bitcoin users to avoid relying on transaction histories or reusing addresses, emphasizing that this remains a best practice for Bitcoin users.
