A high-profile crypto holder, known online as Sillytuna, has lost approximately $24 million in a sophisticated address poisoning attack that escalated into a violent physical assault. The incident involved threats with weapons, kidnapping, and sexual violence, prompting law enforcement involvement and raising alarm across the U.S. crypto community.
On March 5, 2026, blockchain security firm PeckShield flagged a massive transfer of about $24 million in aEthUSDC from a wallet associated with Sillytuna (0xd2e8…ca41) to an attacker-controlled address, marking one of the largest address poisoning incidents to date .
Address poisoning is a deceptive tactic where attackers send a small “dust” transaction from a lookalike address to the victim’s wallet history. When the victim later copies the address—often checking only the beginning and end—they inadvertently send funds to the scammer .
Following the theft, the attacker rapidly converted the stolen aEthUSDC into DAI, splitting roughly $20 million across two intermediary wallets, each holding about $10 million . Portions of the funds were also bridged to Arbitrum and used to purchase Monero (XMR), a privacy-focused cryptocurrency, complicating recovery efforts .
While initial reports labeled the incident as an address poisoning scam, Sillytuna clarified that the theft involved real-world violence. In a public post, they stated the attackers used weapons and issued kidnapping and rape threats, confirming police involvement .
Some analysts now classify the incident as a “crypto wrench attack”—a term describing physical coercion used to force victims into transferring funds or revealing private keys . This distinction underscores the growing convergence of digital and physical threats in the crypto space.
Address poisoning attacks are not new, but their frequency and scale have surged. In 2025 alone, over 270 million poisoning attempts were recorded across Ethereum and BNB Chain, resulting in confirmed losses exceeding $83.8 million .
Notable past incidents include a $50 million USDT loss in December 2025, where a trader mistakenly sent nearly $50 million to a poisoned address after a dust transaction appeared in their history . In May 2024, a user lost $68 million in WBTC due to a similar exploit .
These attacks exploit human error and interface design flaws. Many wallets hide the middle portion of addresses, making it easy for users to overlook subtle differences . Academic research confirms that only a few wallets offer explicit warnings when users attempt to send funds to known phishing addresses .
Sillytuna’s loss is both financial and psychological. The violent nature of the attack has led them to announce their exit from the crypto industry entirely . They have also offered a 10% bounty for any recovered funds, signaling both desperation and hope for restitution .
This incident has heightened awareness of physical threats targeting crypto holders. The term “wrench attack” is gaining prominence, and security experts warn that such threats are becoming more common .
Blockchain analysts are closely monitoring the attacker’s wallet activity, which remains partially traceable. Law enforcement agencies are now involved, though recovery remains uncertain .
Security experts recommend several best practices to mitigate address poisoning risks:
This case illustrates the evolving threat landscape in crypto. Address poisoning attacks are no longer limited to digital deception—they now intersect with real-world violence. The blending of physical coercion with technical scams raises the stakes for crypto holders.
Law enforcement and security firms must adapt. Traditional cybercrime frameworks may not suffice when attackers resort to physical intimidation. Collaboration between blockchain analysts, wallet providers, and authorities is essential.
Wallet developers also face pressure to enhance UI design and implement safeguards. Features like full-address verification, phishing alerts, and transaction confirmation prompts could significantly reduce risk.
Finally, the crypto community must acknowledge that security extends beyond code. Personal safety and physical security are now integral to protecting digital assets.
The violent theft of $24 million from Sillytuna in a wrench-style address poisoning attack marks a disturbing escalation in crypto crime. It underscores the urgent need for stronger security practices, improved wallet design, and coordinated responses from law enforcement and industry stakeholders. As threats evolve, so must the defenses.
An address poisoning attack involves scammers sending a small transaction from a lookalike wallet address to the victim’s transaction history. When the victim copies the address later, they may mistakenly send funds to the scammer.
Sillytuna fell victim to an address poisoning attack and was coerced through violent threats to transfer approximately $24 million in aEthUSDC. The stolen funds were converted into DAI and partially bridged to Arbitrum and Monero.
A crypto wrench attack involves physical violence or threats used to force a victim to transfer funds or reveal private keys. In this case, Sillytuna reported weapons, kidnapping, and sexual violence threats.
Recovery is challenging. Some funds remain traceable in intermediary wallets, and law enforcement is involved. Sillytuna has offered a 10% bounty for any recovered funds.
Best practices include verifying full wallet addresses, avoiding copying from history, using address books or ENS domains, conducting test transactions, and storing large holdings in cold wallets.
Address poisoning attacks are increasingly frequent. In 2025, over 270 million attempts were recorded across major blockchains, resulting in tens of millions in confirmed losses. The addition of physical coercion marks a dangerous new trend.
A crypto holder loses $24 million in an address poisoning attack, sparking violent threats and…
Crypto holder loses $24 million in address poisoning attack tied to violent threats. Discover how…
Crypto holder loses $24 million in address poisoning attack tied to violent threats—learn how to…
Discover how Kraken gains Fed access and what this means for Ripple’s master account ambitions.…
Discover how Kraken gains Fed access and what it means for Ripple’s chances of securing…
Discover X Money's first images as Elon Musk responds to potential crypto integration. Stay ahead…