Changpeng Zhao, the founder of cryptocurrency exchange Binance, popularly known as CZ, has called for industry-wide action to eliminate address poisoning scams. CZ made the rallying call after a $50 million loss by a single trader a few days ago. Writing on Wednesday, December 24, 2025, CZ outlined a blueprint for protecting cryptocurrency users from fraudulent transactions. Binance already does what CZ is recommending, using automatic checks that warn users before they send funds to flagged addresses. CZ is urging other platforms to adopt similar safeguards. “Our industry should be able to completely eradicate this type of poison attacks, and protect our users,” CZ wrote on Binance’s social platform. “All wallets should simply check if a receiving address is a ‘poison address’, and block the user.” CZ challenges industry against poison address scams The urgency behind CZ’s intervention goes back to a December 19 incident where a trader lost nearly $50 million in USDT stablecoins after copying a fraudulent address from their transaction history. According to blockchain security firm Web3 Antivirus , the victim had withdrawn the funds from Binance less than an hour before the attack. As reported by Cryptopolitan, the trader initially sent a test transaction of 50 USDT to verify the correct destination address. A few minutes later, they transferred $49,999,950 to what appeared to be the same recipient. The actual destination, however, was a scammer-controlled address designed to match the first three and last four characters of the legitimate address. Security researcher Cos , founder of SlowMist, noted that the malicious address 0xBaFF2F13638C04B10F8119760B2D2aE86b08f8b5 bore a deceptive resemblance to the intended destination 0xbaf4b1aF7E3B560d937DA0458514552B6495F8b5. Cos said that the subtlety is in the middle characters, which is enough to deceive even pros who rely on partial checks. Within 30 minutes of receiving the stolen funds, the attacker converted the USDT to DAI via MetaMask Swap, then swapped it for roughly 16,690 ETH before depositing most of the cryptocurrency into Tornado Cash. What are address poisoning scams? Binance developed its detection algorithm in May 2024, following a separate $68 million address poisoning attack that saw the funds mysteriously returned after investigators traced the scammer’s Hong Kong-based IP addresses. How does Binance’s system against address poisoning work? According to reports, Binance’s system identifies suspicious transfers with near-zero value or unknown tokens, pairing them with potential victim addresses, and time-stamping malicious transactions to determine the point of poisoning. CZ’s proposal also called for wallets to ignore small-value spam transactions entirely in the interface that users see. Finally, he asked security alliances to maintain real-time blacklists that are accessible across different mediums and to all platforms. Address poisoning has accounted for more than 10% of wallet drains in 2025, according to Web3 Antivirus and SlowMist. The attack exploits a common user behavior, which is the fact that most people verify only the beginning and ending characters of their respective wallet addresses, rather than examining each digit when transferring cryptocurrency. Speaking at the MIT Bitcoin Expo in April, Jameson Lopp , chief security officer at Bitcoin custody firm Casa, attributed the current proliferation to low transaction fees, which make it economical for scammers to send thousands of fake transactions. The December incident contributes to what has been a record year for cryptocurrency theft. With a few days left in the year, Chainalysis ’ recent crypto crime report shows that over $3.4 billion has been stolen, with North Korea hackers accounting for over $2 billion of those thefts. Get up to $30,050 in trading rewards when you join Bybit today
