ScamSniffer has warned that Ethereum’s Fusaka upgrade has made address poisoning attacks much cheaper and a more persistent issue, as malicious actors can carry out dust transactions for very little cost.
In a recent X post, the Web3 anti-scam solutions provider said that one victim lost $12.2 million in January after sending funds to a fake address copied from their transaction history, while another user lost roughly $50 million worth of Ether (ETH) in a similar fashion in December 2025.
Ethereum Fusaka Upgrade Lowers Cost of Address and Signature Poisoning Attacks
Address poisoning is a social engineering scam that manipulates the way cryptocurrency addresses are displayed and copied. In this scheme, bad actors send small transactions, known as “dust,” from addresses that look similar to those in the victim’s transaction history, hoping the target will copy the wrong address.
Blockchain security firm Web3 Antivirus stated that address poisoning is one of the most consistent ways large amounts of crypto get lost, with some of the largest losses it tracked ranging from $4 million to $126 million. The researchers explained that hackers generate entire addresses that match the same first and last few characters, but are different in the middle, making them look identical to addresses known to potential victims.
Analysts speculate that the Fusaka upgrade on the Ethereum mainnet in December contributed to an increase in these attacks, as it made the network much cheaper to use in terms of transaction costs while improving scalability. The dust transactions act as a prerequisite to the attack itself and are numerous, often designed function as traps. However, not all of them catch prey; nevertheless, these dust transfers count as real transactions on-chain and have been inflating Ethereum metrics.
Following the hard fork, Ethereum saw a massive surge in network activity that has carried into the new year. Daily transactions have hit all-time highs, while the number of active or new addresses spiked dramatically. However, analysts have pointed out that a substantial portion of these transactions is linked to mass address poisoning campaigns rather than organic adoption or usage.
Address Poisoners Use DAI Dust Transfers to Inflate Ethereum Transactions
According to Coin Metrics, stablecoin-related dust activity now accounts for 11% of all Ethereum transactions and 26% of active addresses on average. After analyzing over 227 million balance updates for stablecoin wallets on Ethereum between November 2025 and January 2026, the firm found that 38% addresses had less than a penny, consistent with millions of wallets that continue to receive tiny dust deposits.
On Sunday, blockchain intelligence firm Whitestream reported that the decentralized DAI stablecoin has gained a reputation as a preferred asset for illicit actors, serving as a “parking space” for stolen funds. They noted that this is due to the MakerDAO protocol’s governance, which does not cooperate with authorities when it comes to freezing DAI wallets.
According to ScamSniffer’s January report, signature phishing attacks also surged on Ethereum, with a total of $6.27 million in assets stolen from 4,741 victims during the month, which is a 207% increase from December, with two wallets accounting for 65% of all signature phishing losses. This technique involves attackers tricking users into signing malicious on-chain transactions, such as unlimited token approvals.
The fact that ETH’s price has barely posted a bullish reaction to all the records that the blockchain is breaking post-Fusaka further justifies the argument of artificial inflation.
At the time of writing, Ethereum (ETH) is trading at $2,052 – down 2.82% in 24 hours.
