Recent on-chain security data indicates a sharp increase in address poisoning and signature-based phishing attacks, with single-month losses reaching up to $12.2 million. Meanwhile, the proportion of stablecoin-related dust transactions on Ethereum has continued to rise, highlighting expanding on-chain security risks.
Address Poisoning Attacks Escalate, Single Victim Loses $12.2M
Latest monitoring shows that in January 2026, a user suffered a loss of $12.2 million after copying an incorrect address from transaction history, falling victim to an address poisoning attack. Combined with a similar incident in December 2025, total losses from just two victims have exceeded $62 million.
Address poisoning attacks typically involve sending small amounts of tokens to victims, making malicious addresses appear visually similar to legitimate ones. Users who copy these misleading addresses during transfers may unknowingly send funds to attackers, resulting in irreversible losses.
Signature-Based Phishing Attacks Also Surge
Beyond address poisoning, signature phishing has become another major source of risk:
- Approx. $6.27 million in losses recorded in January 2026
- ~207% month-over-month increase
- Common tactics include malicious approvals and fraudulent transaction signatures
As wallet signature interactions become more frequent, attackers increasingly rely on these techniques to compromise user assets.
Lower Transaction Costs May Be Driving Attack Growth
Analysis suggests that reduced transaction costs following the Ethereum Fusaka upgrade have significantly lowered the barrier for attackers to conduct dusting and address poisoning campaigns, increasing attack frequency.
Coin Metrics data indicates:
- Stablecoin dust transactions account for around 11% of daily Ethereum transactions
- Attackers can more easily generate misleading transaction records at scale
- Lower costs enable automation and large-scale attack deployment
Stablecoin Flows and Compliance Risks
On-chain analytics firms highlight emerging patterns in illicit fund movements involving specific stablecoins. For example:
- DAI, due to governance structures that may not support address freezing
- Sometimes viewed by illicit actors as a preferred asset storage medium
These trends underscore the growing importance of stablecoin compliance monitoring and risk analysis.
Security Practices and On-chain Risk Monitoring
In response to evolving threats, the industry is strengthening on-chain security and compliance monitoring. Some organizations integrate Trustformer KYT and similar risk analytics tools to identify abnormal addresses, dust transactions, and high-risk fund flows in real time, enabling earlier detection of potential threats.
Users are also advised to:
- Avoid directly copying addresses from transaction histories
- Use address whitelists or trusted address books
- Remain highly cautious with wallet signature requests
- Verify transaction sources through official channels
Conclusion
As transaction costs decline and attack techniques evolve, address poisoning and signature phishing are emerging as major on-chain security threats. Continuous on-chain monitoring, compliance analysis, and stronger user security awareness will be critical defenses in an increasingly complex threat landscape.