Address poisoning attacks are a stealthy and efficient form of fraud. Attackers send small amounts of valueless tokens to target wallets, using forged addresses that closely resemble the user's own address or frequently used contacts. These fake addresses typically match the first and last few characters of the real address, with differences inserted only in the middle – and most users rarely verify addresses character by character when copying them.
When users need to make a transfer later, they often copy the seemingly familiar address directly from their transaction history, resulting in funds being quietly transferred to a wallet controlled by the attacker. Since blockchain transactions are irreversible, once confirmed, the assets cannot be recovered.
According to security firm Cyvers, over a million address poisoning preparation operations occur daily on the Ethereum network alone. Trust Wallet data shows that approximately 34,000 such attacks are successfully executed globally every hour. This is not an isolated case, but a large-scale, automated black market operation.
To counter this threat, Trust Wallet has officially launched the "Address Poisoning Protection" feature. This feature runs automatically on mobile devices, covering 32 EVM-compatible chains, without requiring users to manually enable it. When a user copies or enters a recipient address, the system will compare it in real-time against known malicious address data from the HashDit and Binance security databases. If a match is found, the application will immediately display a visual comparison interface, highlighting the differing characters between the fake address and the target address, directly addressing the core vulnerability of the attack: users relying on visual memory rather than character-by-character verification.
The prevalence of such attacks stems from their low cost and high return characteristics. The attack does not require a large capital investment and leaves no traceable on-chain evidence, fully exploiting the user's habitual behavior of copying historical addresses. A successful attack that steals funds from a whale wallet can yield thousands of times the cost of preparing the transaction. As a result, even with a low success rate, attackers can still achieve sustained profitability through massive attempts.
Currently, Trust Wallet plans to extend the protection scope to more blockchain networks, further enhancing protection for cross-chain users.