Ethereum User Loses 4,556 ETH (~$12.4M) to Address Poisoning That Spoofed Galaxy Digital

An Ethereum user (wallet 0xd674) accidentally transferred 4,556 ETH (≈$12.4M) to an attacker after copying a poisoned address that mimicked Galaxy Digital’s deposit address. On-chain researcher Lookonchain says the attacker created a lookalike address matching the first and last four characters of Galaxy’s address, then sent small “dust” transactions so the fake address would appear in the victim’s transaction history. The victim copied the familiar-looking entry and pasted the attacker’s address, sending the full balance in a single, irreversible Ethereum transaction. Blockchain records show no protocol or exchange breach. The incident highlights the rising risk of address poisoning and copy‑paste scams: attackers exploit users’ habit of checking only the first and last characters of long hex addresses and leverage public transaction history and reused deposit addresses. Recommended mitigations for traders include verifying full addresses before transfer, saving trusted deposit addresses (address books/ENS/bookmarks), using hardware wallets, sending test transactions in small batches, and employing security tools that flag lookalike or recently seen addresses. The case reinforces that on-chain transparency can be weaponized against predictable wallet behaviors and underlines the need for strict transaction hygiene among high-value ETH holders.