{"id":18293,"date":"2026-03-14T20:05:53","date_gmt":"2026-03-14T20:05:53","guid":{"rendered":"https:\/\/cryptoted.net\/index.php\/2026\/03\/14\/cz-slams-etherscan-over-address-poisoning-spam\/"},"modified":"2026-03-14T20:05:53","modified_gmt":"2026-03-14T20:05:53","slug":"cz-slams-etherscan-over-address-poisoning-spam","status":"publish","type":"post","link":"https:\/\/cryptoted.net\/index.php\/2026\/03\/14\/cz-slams-etherscan-over-address-poisoning-spam\/","title":{"rendered":"CZ slams Etherscan over address poisoning spam"},"content":{"rendered":"<p> <br \/>\n<br \/><img decoding=\"async\" src=\"https:\/\/crypto.news\/app\/uploads\/2025\/06\/crypto-news-Changpeng-Zhao-CZ-ooption06.webp\" \/><\/p>\n<div>\n<p class=\"is-style-lead\">CZ goes after Etherscan for displaying spam transactions from address poisoning scams, stating block explorers should filter out the malicious transfers completely.<\/p>\n<div id=\"cn-block-summary-block_9ea6789918f75f7d97830b9a8c7a9f8a\" class=\"cn-block-summary\">\n<p>\n        <span class=\"tabs__item is-selected\">Summary<\/span>\n    <\/p>\n<div class=\"cn-block-summary__content\">\n<ul class=\"wp-block-list\">\n<li>CZ says block explorers should filter address-poisoning spam.<\/li>\n<li>A user received 89 poisoning alerts in 30 minutes after two transfers.<\/li>\n<li>Attackers use lookalike addresses and zero-value transfers to trick users.<\/li>\n<\/ul><\/div>\n<\/div>\n<p><!-- .cn-block-summary --><\/p>\n<p>The former Binance CEO posted on X that TrustWallet already implements this filtering, while Etherscan continues showing zero-value poisoning transactions that flood user wallets.<\/p>\n<p>The criticism follows an incident where a user identified as Nima received 89 <a href=\"https:\/\/crypto.news\/ethereum-address-poisoning-coas-6-2-m-two-months-2026\/\" target=\"_blank\">address-poisoning<\/a> emails in under 30 minutes after making just two stablecoin transfers on Ethereum.<\/p>\n<p>Etherscan issued a warning about the attack, which aims to trick users into copying lookalike addresses from transaction history when sending funds.<\/p>\n<p>\u201cSo many will fall victim to this,\u201d Nima warned after the automated attack campaign targeted his wallet.<\/p>\n<figure class=\"wp-block-embed is-type-rich is-provider-twitter wp-block-embed-twitter\">\n<div class=\"wp-block-embed__wrapper\">\n<blockquote class=\"twitter-tweet\" data-width=\"550\" data-dnt=\"true\">\n<p lang=\"en\" dir=\"ltr\">Block explorers should not show these spam transactions. Should be simple to filter them out completely. <a href=\"https:\/\/twitter.com\/TrustWallet?ref_src=twsrc%5Etfw\" target=\"_blank\" rel=\"nofollow\">@TrustWallet<\/a>  does this already.<\/p>\n<p>This may have some impact on micro transactions between AI agents later. By then, we can use AI to filter out the spam too. <a rel=\"nofollow\" href=\"https:\/\/t.co\/97B1UmYkQF\">https:\/\/t.co\/97B1UmYkQF<\/a><\/p>\n<p>\u2014 CZ \ud83d\udd36 BNB (@cz_binance) <a href=\"https:\/\/twitter.com\/cz_binance\/status\/2032597991413133639?ref_src=twsrc%5Etfw\" target=\"_blank\" rel=\"nofollow\">March 13, 2026<\/a><\/p><\/blockquote>\n<\/div>\n<\/figure>\n<h2 class=\"wp-block-heading\">CZ goes after Etherscan for displaying spam transactions<\/h2>\n<p>Xeift clarified that Etherscan hides zero-value transfers by default, but BscScan and Basescan require users to click a \u201chide 0 amount tx\u201d button explicitly to remove address poisoning attack transactions.<\/p>\n<p>The difference in default settings leaves some users exposed to viewing spam that could lead to sending funds to attacker-controlled addresses.<\/p>\n<p>CZ noted the filtering may affect micro transactions between AI agents in the future, suggesting AI could be used to distinguish legitimate zero-value transfers from spam.<\/p>\n<p>Dr. Favezy pointed out that swaps create additional risks beyond address poisoning. A swap from the 0x98 wallet that turned $50 million into $36,000 yesterday raised concerns about routing and liquidity source selection.<\/p>\n<p>\u201cI really hope AI agents will be able to route through the right routers and best liquidity sources to avoid situations like this,\u201d Favezy wrote.<\/p>\n<p>    <!-- .cn-block-related-link --><\/p>\n<h2 class=\"wp-block-heading\">Address poisoning floods wallets with lookalike addresses<\/h2>\n<p>The attack works by initiating zero-value token transfers using the transferFrom function. Attackers send 0-value tokens to create transfer events that appear in victim transaction histories. Every address defaults to 0 value approval, allowing the event emission.<\/p>\n<p>Attackers then combine this with address spoofing to increase the likelihood victims copy the wrong transfer address.<\/p>\n<p>The spoofed addresses match the first and last characters of legitimate addresses.<\/p>\n<p><a href=\"https:\/\/x.com\/etherscan\/status\/2032067841734951008\" target=\"_blank\" rel=\"nofollow\">Nima\u2019s case<\/a> shows the scale these attacks can reach, with 89 poisoning attempts in 30 minutes from just two legitimate transfers. The automated nature means attackers can target thousands of addresses simultaneously whenever they detect stablecoin or token movements on-chain.<\/p>\n<\/p><\/div>\n<p><script async src=\"\/\/platform.twitter.com\/widgets.js\" charset=\"utf-8\"><\/script><br \/>\n<br \/><br \/>\n<br \/><a href=\"https:\/\/crypto.news\/cz-goes-after-etherscan-displaying-spam-transactions\/\">Source link <\/a><\/p>\n","protected":false},"excerpt":{"rendered":"<p>CZ goes after Etherscan for displaying spam transactions from address poisoning scams, stating block explorers should filter out the malicious transfers completely. Summary CZ says block explorers should filter address-poisoning spam. A user received 89 poisoning alerts in 30 minutes after two transfers. Attackers use lookalike addresses and zero-value transfers to trick users. The former [&hellip;]<\/p>\n","protected":false},"author":5,"featured_media":18294,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"tdm_status":"","tdm_grid_status":"","footnotes":""},"categories":[23],"tags":[],"kronos_expire_date":[],"class_list":["post-18293","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-crypto"],"_links":{"self":[{"href":"https:\/\/cryptoted.net\/index.php\/wp-json\/wp\/v2\/posts\/18293","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/cryptoted.net\/index.php\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/cryptoted.net\/index.php\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/cryptoted.net\/index.php\/wp-json\/wp\/v2\/users\/5"}],"replies":[{"embeddable":true,"href":"https:\/\/cryptoted.net\/index.php\/wp-json\/wp\/v2\/comments?post=18293"}],"version-history":[{"count":0,"href":"https:\/\/cryptoted.net\/index.php\/wp-json\/wp\/v2\/posts\/18293\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/cryptoted.net\/index.php\/wp-json\/wp\/v2\/media\/18294"}],"wp:attachment":[{"href":"https:\/\/cryptoted.net\/index.php\/wp-json\/wp\/v2\/media?parent=18293"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/cryptoted.net\/index.php\/wp-json\/wp\/v2\/categories?post=18293"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/cryptoted.net\/index.php\/wp-json\/wp\/v2\/tags?post=18293"},{"taxonomy":"kronos_expire_date","embeddable":true,"href":"https:\/\/cryptoted.net\/index.php\/wp-json\/wp\/v2\/kronos_expire_date?post=18293"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}