F2Pool co‑founder Wang Chun admits 490 BTC lost to phishing ’generous’ hacker

Published: 2025-12-21 18:10:08 |

Wang Chun, co‑founder of major mining pool F2Pool, revealed he lost 490 BTC after deliberately sending 500 BTC to a wallet he suspected was compromised. He said the attacker drained 490 BTC and left 10 BTC, jokingly calling the thief “generous.” Wang shared the hacker’s address but gave no indication of pursuing recovery. The post was shared amid a separate December 2025 address‑poisoning phishing case in which a user lost about 49,999,950 USDT (~$50M) after copying a spoofed address. On‑chain investigator Web3 Antivirus and security firm SlowMist confirmed the attack used similar start/end characters and exploited UIs that truncate addresses. The attacker converted stolen USDT to ETH and split funds, moving some through Tornado Cash. The victim has engaged law enforcement and demanded 98% restitution within 48 hours or promised to escalate civil and criminal action. The Ethereum Community Foundation urged wallets and explorers to stop truncating addresses to reduce such scams. Primary keywords: Wang Chun, F2Pool, phishing, 490 BTC, USDT, address poisoning. Secondary/semantic keywords: wallet compromise, on‑chain forensics, Tornado Cash, wallet UI truncation. This report highlights operational security risks for large holders and the persistence of address‑poisoning scams — relevant for traders monitoring whale behavior and on‑chain fund flows.

Neutral

The news describes two separate security incidents: Wang Chun’s personal loss of 490 BTC after intentionally probing a suspected compromised wallet, and a large address‑poisoning USDT theft of ~50M. Neither event directly changes protocol fundamentals or macro demand for BTC/USDT, so broad market direction is unlikely to shift solely from these reports. Short‑term effects: traders may react to on‑chain movement of large sums (the 490 BTC and the converted USDT→ETH flows), increasing volatility and short‑term selling or risk‑off positioning as wallets involved move funds or mix them through services like Tornado Cash. Alerts from reputable figures (a mining‑pool co‑founder) can temporarily amplify retail and whale caution, leading to reduced leverage and tighter spreads. Long‑term effects: the incidents reinforce persistent operational security risks (address poisoning, UI truncation) and could pressure wallets and explorers to adopt safer UIs — a positive structural change for user safety but not an immediate price driver. Similar past events (large phishing or exchange hacks) typically cause brief market jitters and increased volatility, followed by reversion once funds settle and no protocol vulnerabilities are found. Overall impact is neutral for market direction but increases short‑term monitoring needs for traders watching on‑chain whale movements and fund flows.