A high-profile crypto holder known as Sillytuna has lost approximately $24 million in a sophisticated address poisoning attack that escalated into violent threats. The incident underscores the growing dangers of on-chain scams and the real-world risks faced by crypto users.
Attack Overview and Mechanics
Sillytuna’s Ethereum wallet, associated with the address beginning 0xd2e8…ca41, was drained of around $24 million in aEthUSDC through an address poisoning scam. Blockchain security firm PeckShield first flagged the suspicious activity, noting that the attacker exploited a look-alike address inserted into Sillytuna’s transaction history to trick them into sending funds to the wrong recipient .
Once the funds were transferred, the attacker swiftly converted approximately $20 million into DAI and distributed it across two intermediary wallets—each holding roughly $10 million in DAI. The attacker also began bridging small amounts to Arbitrum, likely to facilitate further laundering .
Violent Threats and Law Enforcement Involvement
What sets this case apart is the involvement of physical threats. Sillytuna confirmed that the attack included violence, weapons, and kidnapping threats, prompting a police investigation. The victim stated they were fortunate to escape without serious physical harm and announced plans to exit the crypto industry entirely .
Broader Context: Address Poisoning Trends
Address poisoning—also known as vanity address scams or copy-paste attacks—has become a persistent threat in the crypto ecosystem. Attackers generate wallet addresses that closely resemble legitimate ones and send small “dust” transactions to insert these fake addresses into victims’ transaction histories. When users later copy from history, they may inadvertently send funds to the attacker .
This tactic has led to numerous high-value losses:
– In December 2025, a trader lost nearly $50 million in USDT after copying a poisoned address. The attacker quickly converted the funds into ETH and laundered them via Tornado Cash .
– In May 2024, another victim lost $68 million in wrapped Bitcoin (WBTC) through a similar scam .
Academic studies reveal the scale of the problem: over 270 million poisoning attempts have been recorded across Ethereum and BNB Chain, resulting in confirmed losses exceeding $83.8 million. One study identified 6,633 successful incidents involving around $83.8 million in stolen funds .
Impact on Stakeholders
Individual Victims
For individuals like Sillytuna, the consequences are both financial and psychological. The combination of digital theft and physical threats has driven the victim to abandon the crypto space entirely .
Crypto Community and Security Firms
Security firms such as PeckShield and PaiDun continue to monitor and flag address poisoning attempts. However, the persistence of these scams highlights gaps in wallet security and user awareness .
Wallet Developers
Research shows that only a small fraction of Ethereum wallets currently warn users when they attempt to send funds to a suspicious or look-alike address. This lack of proactive defense underscores the need for stronger safeguards in wallet interfaces .
Analysis and Future Implications
This incident illustrates the evolving nature of crypto threats, where digital scams intersect with physical danger. The use of violent coercion elevates the stakes, signaling that attackers may increasingly resort to real-world intimidation to facilitate theft.
Address poisoning remains a low-cost, high-reward tactic for attackers. With over 270 million attempts and millions of targeted users, the ROI for scammers is substantial—even if only a small percentage succeed .
To mitigate these risks, stakeholders must take coordinated action:
– Wallet developers should implement address similarity warnings and require full address verification before high-value transfers.
– Users must adopt best practices, such as verifying full addresses manually and avoiding reliance on transaction history for copying.
– Law enforcement and crypto platforms should collaborate to trace and recover stolen funds, especially when physical threats are involved.
Conclusion
The case of Sillytuna’s $24 million loss in an address poisoning attack tied to violent threats is a stark reminder of the multifaceted dangers facing crypto users today. As scams become more sophisticated and aggressive, the industry must prioritize security, user education, and technological safeguards. Without these measures, both digital and physical vulnerabilities will continue to threaten the integrity of the crypto ecosystem.
Frequently Asked Questions
What is an address poisoning attack?
An address poisoning attack involves scammers creating a wallet address that closely resembles a legitimate one and sending a small transaction to insert it into the victim’s transaction history. When the victim later copies the address, they may unknowingly send funds to the attacker .
How much did Sillytuna lose in this attack?
Sillytuna lost approximately $24 million in aEthUSDC through an address poisoning attack that also involved violent threats .
What made this incident particularly dangerous?
Beyond the financial loss, the attacker used violence, weapons, and kidnapping threats, prompting a police investigation. The victim decided to leave the crypto industry as a result .
How common are address poisoning attacks?
These attacks are widespread. Over 270 million attempts have been recorded across Ethereum and BNB Chain, with confirmed losses exceeding $83.8 million. Thousands of victims have been affected .
What can users do to protect themselves?
Users should manually verify full wallet addresses before sending funds, avoid copying from transaction history, and use wallets that warn against look-alike addresses .
Are there any technological solutions to prevent these scams?
Some wallets now include warnings for suspicious addresses, but adoption is limited. Improved detection tools and user interface safeguards are needed to reduce the risk of address poisoning .
