As the price of Bitcoin breaks records, hackers change how they do business. Jameson Lopp, a famous cryptographer and the chief security officer of the Bitcoin custody company Casa, is warning users about a dangerous scam getting more significant and trying to trick people into giving out their Bitcoin addresses. Advanced social engineering schemes are tricking even experienced holders into sending money to fake addresses, which is stealing millions of dollars worth of assets. As Lopp’s timed warning makes clear, the crypto community must stay alert and act before it’s too late.
How Bitcoin Address Poisoning Attacks Work
Attacks called “address poisoning” get people to send money to bad addresses that look much like those they already used. Lopp says that attackers use the same first and last characters to make Bitcoin addresses that look like real ones from a user’s transaction information.Â
Lopp first saw signs of this scam in block 797570 (July 7, 2023), which had 36 strange transactions. After that, there was a break in activity, but it started again in block 819455 (December 12, 2023), and there were steady bursts until block 881172 (January 28, 2025).Â
Millions Lost to Growing Threat
Addressing poisoning acts can cause significant damage to businesses’ finances. Cyvers, a cybersecurity company, said more than $1.2 million was stolen in March 2025 alone, after $1.8 million was lost in February. These numbers show that bad things are happening more often, which makes the need for better security tools and user education even more urgent.
State-sponsored hackers and evolving tactics
Hackers with ties to the North Korean government, especially the well-known “Lazarus Group,” are responsible for many of these attacks. They use phishing tactics on social media, fake Zoom meetings with fake venture capitalists, and phony job offers as some of their tricks.Â
Conclusion
It is clear what Jameson Lopp wants people to do: check every Bitcoin address twice before moving money and demand wallet interfaces that show complete addresses without shortcuts. Address poisoning is constantly changing, and the only way crypto holders can stay safe from the growing number of cyber threats is to be attentive, informed, and careful.Â
