Researcher links Ethereum surge to address-poisoning attacks that stole $740K

Security researcher Andrey Sergeenkov says Ethereum’s recent record network activity could be partially linked to a wave of address poisoning attacks that are exploiting sharply lower gas fees. Cointelegraph reported that network activity retention nearly doubled to 8 million addresses in a month and daily transactions reached an all-time high of almost 2.9 million.

Sergeenkov said the week starting Jan. 12 saw 2.7 million new addresses, 170% higher than typical values, while daily transactions surged to over 2.5 million. He attributed part of the uptick to so-called address poisoning after the December Fusaka upgrade cut transaction fees; network fees fell more than 60% in the weeks that followed.

Address poisoning, Sergeenkov explained, involves sending small transactions from wallet addresses that resemble legitimate ones, duping users into copying the wrong address. He analysed small stablecoin transactions and found 67% of new addresses receive less than $1 in their first transaction.

Automated smart contracts distributed tiny amounts to millions of addresses, with 3.8 million addresses receiving such "dust" as their first transaction. "These poisoning addresses then distribute dust to millions of potential victims, creating false entries in transaction histories," he said.

Key Topics

Crypto, Ethereum, Andrey Sergeenkov, Fusaka Upgrade, Address Poisoning, Stablecoins