Victim offers $1 million bounty, legal threat after $50 million crypto theft

A crypto user suffered a $50 million loss in USDT due to an address poisoning scam, where a hacker created a wallet address closely mimicking the intended recipient's address. The scammer first sent a small "dust" transaction to poison the victim's transaction history. The victim, relying on copying the address from this history, mistakenly sent nearly $50 million to the malicious address instead of a test transaction. The stolen funds were quickly swapped for Ether and moved through multiple wallets, with some interacting with the sanctioned mixer Tornado Cash to obscure the trail. In response, the victim issued an onchain message demanding the return of 98% of the funds within 48 hours, offering a $1 million white-hat bounty for the full return, and warning of international legal escalation and criminal charges if the attacker fails to comply. The exploit targeted user habits like copying partial addresses, not code vulnerabilities.

(Source：CoinDesk)