Address Poisoning Attack Drains $24 Million aEthUSDC from Sillytuna-Linked Wallet

According to a PeckShield security alert, a cryptocurrency wallet associated with Sillytuna suffered an address poisoning attack on March 4, 2026, resulting in the loss of approximately 23.6 million aEthUSDC, valued at around $24 million. The transaction was confirmed in Ethereum block number 24585515. The victim mistakenly transferred all assets to what appeared to be a legitimate Aave V3 address, which was in fact a malicious address carefully crafted by the attacker.

The attack method is a typical case of "address poisoning." The attacker implants similar addresses in the victim's wallet transaction history, inducing them to copy and send funds. Once the funds are transferred, the system automatically converts the aEthUSDC to DAI and quickly transfers it to two main wallets controlled by the attacker, each containing approximately $10 million DAI, totaling $20 million.

Blockchain monitoring data shows that some of the funds have been transferred to the Arbitrum network via a cross-chain bridge, suggesting that the attacker is attempting to obscure the flow of funds through Layer 2 channels in preparation for subsequent money laundering. The remaining approximately $4 million may be used to pay Gas fees, bridging fees, or split into multiple small addresses to reduce the difficulty of tracking. Currently, no further outflow of funds has occurred from the two main wallets, but security agencies are continuing to monitor cross-chain movements.

This incident once again highlights the hidden nature and destructive power of address poisoning attacks in the decentralized finance (DeFi News) space. Users can suffer huge losses not due to private key leakage, but simply due to operational misjudgment. As of now, there is no public information regarding the identity of the victim or the progress of recovery efforts. This case serves as a warning to users to manually verify the recipient address before making any on-chain transfers, and to avoid relying on the auto-fill function of historical records.