CZ follows Etherscan by showing spam transactions from address poisoning scams, saying block checkers should filter out malicious transmissions entirely.
Summary
- CZ says that block checkers should filter out spam that poisons the address.
- User received 89 poison warnings in 30 minutes after two referrals.
- Attackers use fake addresses and fake value transfers to trick users.
The former CEO of Binance posted on X that TrustWallet already uses this filter, while Etherscan continues to show toxic transactions with no value flooding users’ wallets.
The criticism follows an incident where a user identified as Nima received 89 toxic emails in less than 30 minutes after transferring stablecoins to Ethereum just twice.
Etherscan has issued a warning about the attack, which aims to trick users into copying the same addresses from their transaction history when sending money.
“Many will be victims of this,” Nima warned after the campaign targeted her wallet.
CZ follows Etherscan in showing spam sales
Xeift clarified that Etherscan hides zero-value transfers by default, but BscScan and Basescan require users to click the “hide tx value 0” button explicitly to remove toxic address purchases.
Differences in default settings leave some users exposed to spam that can lead to sending money to addresses controlled by attackers.
CZ noted that filtering may affect small transactions between AI agents in the future, suggesting that AI may be used to distinguish legitimate zero-value transfers from spam.
Dr. Favezy pointed out that volatility creates additional risks beyond address toxicity. The 0x98 wallet exchange that turned $50 million into $36,000 yesterday raised concerns about the choice of source of income.
“I really hope that AI agents will be able to pass the right routers and the best sources of liquidity to avoid situations like this,” wrote Favezy.
Deal with flood wallets with similar addresses
The attack works by initiating the transfer of zero value tokens using the TransferFrom function. Attackers send 0-value tokens to create transfer events from victims’ transaction histories. Every address defaults to an acknowledgment value of 0, which allows the event to exit.
Attackers then combine this with address spoofing to increase the chances of victims copying the wrong forwarding address.
Dirty addresses match the first and last characters of legitimate addresses.
Nima’s case shows the extent to which this attack can reach, with 89 poisoning attempts in 30 minutes from just two legitimate transfers. The automated nature means that attackers can target thousands of addresses at once whenever they detect a stablecoin or token movement on the chain.
