March 06, 2026 ChainGPT

NFT Whale Sillytuna Loses $24M to Address‑Poisoning Heist Escalating to Kidnapping Threats

NFT Whale Sillytuna Loses $24M to Address‑Poisoning Heist Escalating to Kidnapping Threats
One of Ethereum’s earliest and best‑known NFT whales, Sillytuna, says he was robbed of roughly $24 million in crypto in an attack that combined on‑chain “address poisoning” with real‑world violence and threats. What happened - On March 4, Sillytuna posted on X that roughly $24 million in AUSD/aEThUSDC was drained from his wallet (0x6fe0fab2164d8e0d03ad6a628e2af78624060322). He said the incident involved violent intimidation — including weapons, kidnapping and threats of sexual violence — and that police are now involved. In the post he announced he was leaving crypto and expressed relief that he was physically unharmed. - The following day he offered a 10% bounty for anyone who can recover funds, explicitly saying the reward applies even if the taker was involved in the original theft. How these attacks work Investigators and scam‑tracking firms say this kind of crime is typically a hybrid, multi‑stage campaign: - Reconnaissance: attackers map a target’s on‑chain activity, social media and real‑world routines. - Address poisoning / social engineering: they plant malicious addresses so a victim who copies an address (from saved transactions, social posts, or a browser) unknowingly pastes the attacker’s address into a transfer. - Escalation to coercion: when the attacker sees a large withdrawal coming, the operation can escalate to doxxing, extortion or even in‑person threats to force or intimidate the victim. Context and trend This is not an isolated incident. Late 2025 saw a trader lose nearly $50 million in USDT after copying a poisoned address; that victim later publicly offered a seven‑figure “peaceful resolution” bounty to retrieve funds. Scam trackers also attribute roughly $62 million in losses across at least two more victims over two months to similar address‑poisoning mistakes. Physical “wrench attacks” and kidnapping threats targeting crypto holders have been on the rise globally, exposing the limits of purely on‑chain security when adversaries target real‑world vulnerabilities. Why this matters The Sillytuna case underlines a harsh truth for the crypto community: even experienced, high‑profile users can fall prey to coordinated campaigns that mix technical tricks with real‑world coercion. These are not simple exploits of wallets or software bugs; they’re full campaigns designed to exploit both digital hygiene and personal safety. Practical steps to reduce risk - Avoid copying addresses from social feeds or plain text; use verified ENS names or trusted address books. - Double‑check addresses with multiple sources and consider checksum/QR scanning rather than copy‑paste. - Use hardware wallets and enable transaction confirmation features that show recipient info on the device. - Keep personal routines and identity details private; limit doxxable information on public profiles. - Consider whitelisting withdrawal addresses for large transfers and use multi‑sig arrangements for high‑value holdings. - If threatened, involve local law enforcement and professional blockchain tracing/recovery firms; do not negotiate directly under duress. Sillytuna’s case will likely intensify calls for both better technical defenses (address‑verification UX, wallet safeguards) and improved coordination between law enforcement and blockchain analytics firms. For now, it’s another reminder that crypto security requires both digital caution and real‑world vigilance. Image credits: ETHUSD chart from TradingView. Read more AI-generated news on: undefined/news