A high-profile crypto holder known as Sillytuna has lost approximately $24 million in a sophisticated address poisoning attack that escalated into violent threats. This alarming incident underscores growing vulnerabilities in crypto security and the real-world dangers faced by digital asset holders.
On March 5, 2026, blockchain security firm PeckShield flagged a massive transfer of around 23.6 million aEthUSDC—worth nearly $24 million—from the Ethereum address 0xd2e8…ca41, linked to Sillytuna . Analysts identified the incident as an address poisoning attack, where attackers send a small “dust” transaction from a lookalike address to contaminate the victim’s transaction history. When the victim later copies an address from that history, they may inadvertently send funds to the attacker .
Following the theft, the attacker swiftly converted the stolen aEthUSDC into DAI, splitting the funds across two intermediary wallets—each holding roughly $10 million in DAI . On-chain monitoring also revealed that portions of the stolen funds were bridged to the Arbitrum network and used to purchase Monero (XMR), a privacy coin, via Hyperliquid—suggesting efforts to obscure the money trail .
What sets this case apart is the real-world violence that accompanied the cyberattack. Sillytuna confirmed via social media that the theft involved threats of violence, weapons, kidnapping, and rape, and that law enforcement is now involved in the investigation . The victim also announced plans to exit the crypto industry entirely, shaken by the ordeal .
In an effort to recover the stolen funds, Sillytuna is offering a 10% bounty to anyone—individuals or platforms—who can help retrieve the assets .
This incident is part of a broader surge in address poisoning attacks. In January 2026 alone, one victim lost $12.2 million in a similar scam, adding to a $50 million loss in December 2025 . Security researchers estimate that over 270 million poisoning attempts have targeted 17 million users, resulting in at least $83.8 million in confirmed losses .
Moreover, the Ethereum Fusaka upgrade appears to have lowered transaction costs, making dust attacks more affordable and widespread. Analysts report that tiny “dust” transfers now account for 11% of all Ethereum transactions and affect 26% of active addresses daily . Physical threats against crypto holders are also on the rise—2025 saw a 75% year-over-year increase in violent incidents, with kidnapping and assault becoming more common .
This attack illustrates a dangerous convergence of cybercrime and physical violence. As attackers increasingly blend digital theft with real-world threats, the stakes for crypto holders have never been higher.
Address poisoning exploits human error—specifically, the tendency to rely on abbreviated address formats. Until wallet interfaces evolve to display full addresses or flag suspicious ones, users remain vulnerable. Academic research shows that only three out of 53 popular Ethereum wallets currently issue explicit warnings when users attempt to send funds to lookalike addresses .
The use of privacy coins like Monero in laundering stolen funds further complicates recovery efforts. As attackers pivot toward more opaque methods, law enforcement and blockchain tracing tools must adapt quickly.
This incident may prompt wallet developers to implement stronger anti-phishing features, such as similarity detection, warnings, and manual address verification prompts. Regulatory bodies could also push for industry standards to protect users from address poisoning and related scams.
The case of Sillytuna’s $24 million loss in an address poisoning attack tied to violent threats is a stark warning for the crypto industry. It reveals how digital vulnerabilities can escalate into physical danger and highlights the urgent need for improved wallet security, user education, and law enforcement readiness. As address poisoning attacks proliferate and evolve, the crypto community must respond with stronger defenses and greater vigilance.
An address poisoning attack involves sending a small “dust” transaction from a lookalike wallet address to contaminate a victim’s transaction history. The victim may later copy the wrong address and send funds to the attacker.
Sillytuna’s wallet was compromised through an address poisoning attack. The attacker drained approximately $24 million in aEthUSDC, converted most of it into DAI, and began laundering via Arbitrum and Monero.
Yes. Sillytuna confirmed that the attack involved threats of violence, weapons, kidnapping, and rape. Law enforcement is now involved in the investigation.
Sillytuna is offering a 10% bounty to anyone who can help recover the stolen assets. Law enforcement and blockchain tracing tools are also engaged.
Very widespread. Researchers estimate over 270 million poisoning attempts have targeted 17 million users, resulting in at least $83.8 million in confirmed losses.
Users should always verify full wallet addresses manually, use wallets that flag suspicious addresses, and avoid relying on copy-paste from transaction history.
A crypto holder loses $24 million in an address poisoning attack, sparking violent threats and…
Crypto holder loses $24 million in address poisoning attack linked to violent threats. Learn how…
Crypto holder loses $24 million in address poisoning attack tied to violent threats—learn how to…
Discover how Kraken gains Fed access and what this means for Ripple’s master account ambitions.…
Discover how Kraken gains Fed access and what it means for Ripple’s chances of securing…
Discover X Money's first images as Elon Musk responds to potential crypto integration. Stay ahead…