- Ethereum’s record activity may be partly driven by mass address poisoning attacks.
- Lower gas fees have made large-scale scam campaigns cheaper to run.
- Over $740,000 has already been lost through deceptive dust transactions.
Ethereum is seeing a sharp rise in network activity, but not all of it appears to be organic. Security researchers warn that a wave of address poisoning attacks may be inflating recent metrics, taking advantage of significantly lower transaction fees following December’s Fusaka network upgrade.
According to data highlighted by Cointelegraph, Ethereum’s active address retention nearly doubled to around eight million within a month, while daily transactions climbed to a record high near 2.9 million. At first glance, the numbers suggest renewed user engagement. A closer look, however, points to a more troubling explanation.
A Sudden Spike in New Addresses and Transactions
The week beginning Jan. 12 marked a notable jump in activity. Roughly 2.7 million new addresses were created during that period—about 170% above normal levels—while daily transactions consistently exceeded 2.5 million. Security researcher Andrey Sergeenkov says this kind of surge is unusual and difficult to explain through typical user growth alone.
Instead, he believes the data aligns with patterns commonly seen during large-scale spam campaigns.
Why Lower Gas Fees Changed the Economics for Attackers
Ethereum transaction fees dropped more than 60% in the weeks following the Fusaka upgrade in early December. While cheaper fees improve usability for legitimate users, they also reduce the cost of abuse.
Sergeenkov argues that this shift has made address poisoning attacks far more attractive. With minimal expense, attackers can now distribute misleading transactions at massive scale, filling wallets’ transaction histories with deceptive lookalike addresses.
How Address Poisoning Works—and the Real Cost
Address poisoning relies on tricking users into copying the wrong wallet address. Scammers send tiny amounts—often stablecoins worth less than a dollar—from addresses designed to resemble legitimate ones. These transactions appear in wallet histories, increasing the risk that users accidentally reuse a fraudulent address later.
By tracking wallets that received dust as their first stablecoin transaction and filtering for addresses that sent funds to over 10,000 recipients, Sergeenkov identified likely “dust distributor” wallets. Some sent bait transactions to more than 400,000 addresses.
So far, these attacks have led to losses exceeding $740,000 across 116 known victims.
While Ethereum’s rising activity metrics look encouraging on the surface, researchers caution that security must keep pace with scalability. As Sergeenkov put it, expanding network capacity without strengthening user protections creates new attack surfaces.
Also Read: Vitalik Buterin: Today’s DAOs Are Broken—Here’s What Must Change
The recent surge serves as a reminder that raw usage data doesn’t always tell the full story—and that education and better wallet safeguards remain critical as Ethereum continues to scale.
Disclaimer: The information in this article is for general purposes only and does not constitute financial advice. The author’s views are personal and may not reflect the views of CoinBrief.io. Before making any investment decisions, you should always conduct your own research. CoinBrief.io is not responsible for any financial losses.
