Note: If you would prefer to consume this essay in the form of a video presentation, please see this keynote.
Address poisoning attacks are a form of social engineering in which a malicious actor attempts to trick users into sending cryptocurrency to the wrong address (one controlled by the attacker) by taking advantage of the way wallet interfaces display and store addresses.
My interest in this subject was piqued in January when Mononaut pointed out this strange transaction.

How it works
The attacker generates a Bitcoin address that closely matches the start and end of one of the victim’s recently used addresses, since those are often the only parts of the address visible in many wallets. How is this achieved? By generating and discarding a huge number of private keys through brute force. There are many free vanity address generator tools available to accomplish this task.
The attacker then deposits a small amount of cryptocurrency at this address, usually not even worth a dollar.
The attacker then “poisons” the target’s transaction history by sending funds from this similar address to the victim’s address. Here is an example of a poisoning transaction:

When the victim later wants to send funds, they may naively copy a previously used address from their transaction history without realizing it is the attacker’s spoofed address.
Result: The victim unknowingly but voluntarily sends funds to the attacker’s address, and the attacker keeps the stolen funds.
Why does it work?
Human error: People often rely on partial address matches rather than checking the entire string.
Wallet UX: Many wallet interfaces truncate addresses, so visual verification cannot be trusted.
Transaction History Shortcut: Some users copy addresses directly from past transaction lists without reviewing them.
Real world attacks
I wrote a script that scanned the entire blockchain history for transactions with one input and one output, where the first and last four characters of the input and output addresses match.
No such transaction appears until block 797570 (July 7, 2023), with 36 such transactions. Everything then went quiet until block 819455 (December 12, 2023), after which there are regular bursts of these transactions until block 881172 (January 28, 2025). Then there was a two-month break before they started again.
Over this 18-month period, only 48,000 transactions were sent that match this profile of potential address poisoning.
Each transaction is between 100 and 200 virtual bytes, for 6,654,534 virtual bytes of block space. That is approximately 4 blocks of space.
0.06840502 BTC was spent on dust output
0.22305335 BTC was spent on fees
Total: 0.29145837 BTC = $25,000 at today’s exchange rate.
It is also worth noting that this type of “spray and pray” dusting attack is economically feasible only in low-fee environments, such as those we’ve seen recently. At a fee rate of 1 sat/vB it makes sense, but at 100 sat/vB it’s awfully expensive.
Script Type
The attackers sent to P2PKH, P2SH, and P2WPKH addresses; no deposits to P2TR addresses were observed.

Attack success rate
I wrote a script that checked all the malicious “poison” addresses to see whether any of them received a deposit after the initial deposit and withdrawal of the attack transaction.
It appears that the targeted victim address BC1QR9XKXANFSTZQPFD5CE0T3EVWC45PNMSR2WUA0H sent 0.1 BTC to the malicious address BC1QR9WUW4ZKJFLET80LR9CR5EC8620C4FG52WUA0H. Here you can see the transactions that involve the malicious address.
The initial “poisoning” transaction, then the receipt of funds from the duped victim and their transfer to another wallet.

Next, we can see additional evidence that the owner of the target address does appear to have been fooled: they sent 0.1 BTC to the malicious address, and 12 hours later they sent 0.1 BTC to another address.

Total successful address poisoning attacks:
0.1 BTC to BC1QR9WUW4ZKJFLET80LR9CR5EC8620C4FG52WUA0H
That’s not a great rate of return, at least not yet! The attackers spent almost 0.3 BTC to get 0.1 BTC. Of course, another way to look at it is as a success rate of 1 in 48,000. That one successful trick could easily have yielded a much higher ROI, as the address the funds were spent from held close to 8 BTC, which would have made the entire project profitable.
It is worth noting that address poisoning may have been combined with a major theft to trick multi-signature co-signers into sending 4,503 BTC from an exchange into an attacker’s hands, but this is somewhat speculative and out of the scope of my research. Related thread:
Japan’s exchange DMM Bitcoin recently lost 4503 BTC worth more than $300 million.
So what happened? Did North Korea hack the mainframe? Perhaps a team of elite thieves has carried out a series of elaborate robberies to remove multi-sig keys from DMM’s safes?
Let’s investigate… https://t.co/plq4cbnfx9
– Mononaut (@mononautical) June 1, 2024
Victim Profiling
What were the characteristics of the addresses that were targeted for poisoning? It’s difficult to see clear patterns, but I think the attackers only looked at addresses with recent activity, within the past year or so.
The biggest surprise I came across is that 12,199 target addresses have never spent funds! This seems like a rather foolish oversight: if I were running such an attack, I would want to target addresses that spend a lot, ideally to the same address, to increase the likelihood that a human spender will be fooled.

Naturally, most target addresses that did spend sent less than 10 BTC per transaction.

Most target addresses had fewer than 10 deposits.

Generally, the distribution of balances is not surprising. The only clear thing is that the attackers generally ignored addresses with a balance of less than 1 BTC.

How to protect yourself
Double-check the entire address before sending Bitcoin.
Use address labels or contacts in your wallet so that you do not rely on memory or recent transactions.
Don’t trust an address just because it appears in your transaction history, even as the source of a deposit!
Do not reuse addresses, period! This remains a best practice for Bitcoin for many reasons.
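The matching rule behind the scan described under “Real world attacks” is also what a wallet can apply at send time to back up the advice above. The following Python is an added example, not the author's script: the function names, sample transactions and label are constructed for illustration, and the two addresses are the ones quoted in this essay.

```python
def norm(addr):
    """Bech32 addresses are case-insensitive; Base58 (1.../3...) ones are not."""
    return addr.lower() if addr.lower().startswith("bc1") else addr

def lookalike(a, b, n=4):
    """True when two *different* addresses share their first and last n characters.

    For bech32 the first four characters are the constant "bc1q"/"bc1p" prefix,
    so pass a larger n to compare more of what a truncating wallet would display.
    """
    a, b = norm(a), norm(b)
    return a != b and a[:n] == b[:n] and a[-n:] == b[-n:]

def is_poisoning_candidate(tx, n=4):
    """Scan profile from the essay: one input, one output, matching ends."""
    ins, outs = tx["inputs"], tx["outputs"]
    return len(ins) == 1 and len(outs) == 1 and lookalike(ins[0], outs[0], n)

def check_destination(dest, labelled, n=4):
    """Send-time check. labelled maps a label to a full address verified once.

    Returns ("known", label) on an exact match, ("lookalike", label) when dest
    only resembles a verified address, and ("unknown", None) otherwise.
    """
    for label, known in labelled.items():
        if norm(dest) == norm(known):
            return ("known", label)
    for label, known in labelled.items():
        if lookalike(dest, known, n):
            return ("lookalike", label)
    return ("unknown", None)

# Addresses quoted in the essay; the transactions and label are constructed.
VICTIM = "BC1QR9XKXANFSTZQPFD5CE0T3EVWC45PNMSR2WUA0H"
POISON = "BC1QR9WUW4ZKJFLET80LR9CR5EC8620C4FG52WUA0H"
SAMPLE_TXS = [
    {"inputs": [POISON], "outputs": [VICTIM]},          # matches the profile
    {"inputs": [VICTIM], "outputs": [VICTIM]},          # same address, not a lookalike
    {"inputs": [POISON, VICTIM], "outputs": [VICTIM]},  # two inputs, outside the profile
]

if __name__ == "__main__":
    print([is_poisoning_candidate(tx) for tx in SAMPLE_TXS])
    print(check_destination(POISON, {"cold wallet": VICTIM}))
```

A "lookalike" verdict is the case to block or warn on: the pasted address shares its visible ends with a verified one but differs in the middle.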
Potential future research
If anyone is interested in extending this research, my scripts and data can be found here. Here are a few lines of inquiry:
Cluster analysis of attacker funds to determine whether it is one entity or multiple different entities.
Searches for more complex poisoning transactions that are not just one input and one output.

