CZ goes after Etherscan for displaying address poisoning scams, offers up Trust Wallet solutions

Address poisoning attacks have emerged as a significant vulnerability across blockchain networks, with confirmed losses now exceeding $79 million as attackers exploit lower transaction costs following recent upgrades. The issue has intensified pressure on wallet providers and blockchain explorers to deploy detection technology, with industry leaders increasingly calling for immediate action.

The Scale of the Problem

Research from 2025 identified approximately 17 million poisoning attempts targeting around 1.3 million Ethereum users over a two-year period. While the individual success rate remains modest—roughly 0.01% of targeted users—the sheer volume of attacks makes the economics favor scammers.

A single successful transfer of significant value can offset thousands of failed attempts conducted at minimal cost. Compounding the problem, multiple attack groups frequently target identical addresses simultaneously, creating intense competition among fraudsters to be the first malicious address copied by unsuspecting victims.

The cost structure of poisoning attacks creates a perverse incentive structure where scammers can afford massive failure rates as long as occasional successes yield substantial payoffs.

— Industry Analysis, 2025

The problem accelerated following the Fusaka upgrade, activated on December 3, 2025, which was designed to reduce transaction fees across Ethereum. While the upgrade successfully lowered costs, it inadvertently created favorable conditions for high-volume poisoning campaigns.

Within 90 days of activation, daily transaction volume climbed 30% compared to the same period previously. New daily addresses increased approximately 78%, alongside a marked uptick in dust transfers—the small-value transactions used in poisoning schemes.

How Address Poisoning Works

The attack exploits a straightforward user behavior: copying addresses directly from transaction history without verifying authenticity. Scammers generate transactions to newly created addresses that closely resemble legitimate addresses, appearing in a user’s past transactions.

When users later copy what they believe is a known address from their history, they may unknowingly copy the poisoned version instead. This simple but effective technique requires minimal technical sophistication while maintaining plausible deniability for the attacker.

The attack succeeds through volume and patience rather than technical complexity. With thousands or millions of attempts available at low cost, scammers wait for users to make copying errors under time pressure or inattention.

Market Context and Growing Losses

The $79 million in confirmed losses represents only documented cases, with security researchers estimating actual losses may exceed $120-150 million when accounting for unreported incidents and losses on non-Ethereum chains. This emerging threat has begun attracting institutional attention from cybersecurity firms and blockchain security consultancies.

The poisoning problem disproportionately affects high-value traders and institutional users, who frequently execute large transfers and may be targets of coordinated campaigns. Several cryptocurrency exchanges have reported internal losses from poisoning incidents, prompting investment in detection infrastructure at the institutional level.

Market analysts project that without comprehensive industry response, poisoning losses could reach $500 million annually by 2026, potentially triggering regulatory intervention. Insurance products specifically covering address poisoning losses remain unavailable, leaving victims with limited recourse options.

Industry Response and Proposed Solutions

Changpeng Zhao, CEO of Binance, has publicly criticized major Ethereum explorers including Etherscan for insufficient action on the poisoning problem. Rather than treating address poisoning as an inevitable cost of decentralized networks, Zhao argues that existing filtration technology provides viable solutions today.

He specifically highlighted Trust Wallet’s recently deployed address poisoning protection as a model that other platforms should adopt. The solution operates through automatic real-time verification against a database of known scams and lookalike addresses, alerting users when high-severity threats are detected.

Existing wallet and explorer platforms possess the technological capability to meaningfully reduce poisoning success rates without compromising decentralization principles.

— Changpeng Zhao, Binance CEO

Trust Wallet’s implementation includes side-by-side address comparisons to help users visually distinguish legitimate addresses from malicious copies. The feature became available across 32 EVM-compatible chains upon launch, including Ethereum, BNB Smart Chain, Polygon, Optimism, Arbitrum, and Avalanche.

Etherscan has recommended conventional protective measures to its user base, including manual address verification and double-checking before sending funds. However, critics argue these recommendations place the burden entirely on users rather than leveraging platform-level detection capabilities.

Wallet Provider Landscape and Competitive Positioning

The poisoning crisis has created market differentiation opportunities for wallet providers willing to invest in detection infrastructure. MetaMask, which controls approximately 30% of the retail cryptocurrency wallet market, has indicated plans to implement poisoning detection in Q2 2025. Ledger Live and Phantom Wallet have similarly committed to deploying protection features, though timelines remain uncertain.

This competitive shift suggests that address poisoning protection may become table-stakes functionality for retail wallet providers within 18-24 months. Platforms prioritizing implementation stand to gain market share from security-conscious users, while laggards risk reputational damage from high-profile victim incidents.

Blockchain explorers face separate pressure, as they serve both retail users and institutional clients who expect security infrastructure commensurate with other financial platforms. The current reliance on user education rather than automated protection increasingly appears inadequate given attack sophistication.

Path Forward

The debate over address poisoning solutions reflects a broader tension in cryptocurrency design between user responsibility and platform accountability. While decentralized principles emphasize user control and verification, the sophistication of modern attacks increasingly exceeds practical user capabilities.

Industry observers note that blockchain explorers and wallet providers occupy a unique position to implement detection without compromising core decentralization features. Detection operates purely on a user’s local interface—it does not require consensus changes or restrict network participation.

As attack losses continue mounting, regulatory scrutiny may increase pressure for mandatory protections. Platforms that proactively implement effective solutions may gain competitive advantages while reducing reputational risk from high-profile victim losses.

The technical feasibility of protection is no longer in question. The remaining challenge involves coordination across wallet providers, explorers, and exchanges to deploy detection at scale while maintaining compatibility across diverse blockchain networks. Industry working groups have begun forming to establish standardized detection protocols and shared threat intelligence databases.

Given the rapid progression of attack sophistication and the scale of losses, the window for voluntary industry adoption may be closing. Early leaders in implementation will likely establish market position and influence protocol development, while delayed response risks both competitive disadvantage and regulatory mandates. The cryptocurrency industry’s response to address poisoning will signal whether the ecosystem can self-regulate security challenges or whether external oversight becomes necessary.