Crypto Holder Loses $24 Million in Address Poisoning Attack Tied to Violent Threats

A crypto holder identified as Sillytuna lost approximately $24 million in aEthUSDC after an address poisoning attack, with the incident also involving violent threats.

According to on-chain data, the attacker has already converted most of the stolen funds.

Why it matters:

• An address poisoning attack is a crypto scam in which scammers create a lookalike address and send a small transaction to the target’s address book. 
• This “poisons” the target’s address book, leading them to mistakenly send funds to the scammer’s address instead of the intended recipient. 
• It relies on the fact that people may copy wallet addresses from recent transactions rather than verify the full address.
• The attack on Sillytuna is part of a broader escalating pattern. According to blockchain security firm CertiK, 2025 was the most violent year in the cryptocurrency space, with 72 recorded incidents.

The details:

• PeckShieldAlert identified the exploited address as 0xd2e8…ca41, linked to Sillytuna, with approximately $24 million in aEthUSDC drained.
• Sillytuna confirmed on X that the attack involved violence, weapons, and kidnapping threats, with police now involved.
• Lookonchain tracked the attacker converting most funds into 20.34 million DAI (DAI), with a smaller portion bridged to Arbitrum and deposited into Hyperliquid to buy Monero (XMR).
• Sillytuna is offering a 10% bounty on any funds recovered by individuals or platforms.

The big picture: