
Address Poisoning Attack Leads to ~$24M Theft from sillytuna-Related Addresses

Addresses linked to sillytuna fell victim to an address poisoning attack, resulting in the total drain of approximately $24M worth of aEthUSDC.

  • Time of Attack: March 5, 2026
  • Target: sillytuna-linked addresses and assets
  • Target Overview: sillytuna is a high-net-worth entity holding substantial crypto assets, specifically a significant volume of yield-bearing stablecoins such as aEthUSDC.
  • Loss Amount: Approximately $24,000,000
  • Attack Vector: Address Poisoning

Incident Review and Technical Details

1. Attack Path:

  1. Exploitation: The attacker targeted addresses associated with sillytuna (0xd2e8...ca41) using an address poisoning technique.
  2. Asset Exfiltration: Approximately $24 million worth of aEthUSDC was successfully drained from the targeted address.
  3. Fund Movement: The attacker transferred approximately $20 million in DAI to two controlled intermediary wallets: 0xdCA9...c9C4 (~$10M) and 0xd0c2...dd3e (~$10M).
  4. Obfuscation: The attacker has begun moving small amounts of assets via cross-chain bridges to the Arbitrum network in an attempt to further transfer, mix, or obfuscate the funds.

2. Scope of Impact: The affected sillytuna-related addresses have been entirely drained, with a massive volume of stablecoin assets currently under the attacker's control.

3. Official Determination: The asset loss was caused by an address poisoning attack; funds have been confirmed as moved to attacker-controlled wallets.

4. Investigation Progress: Intermediary wallet addresses and the on-chain fund flow have been identified. As of now, the attacker has not yet initiated a large-scale mixing (tumbling) operation.
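
A recipient check of the kind that counters address poisoning, as an added example that is not part of the original report or of AUTOSEC.DEV's tooling: it flags a destination that matches a vetted address only in its leading and trailing hex digits, which is all a truncated display such as 0xd2e8...ca41 shows. The addresses, address book, history rows and function names are constructed for illustration.

```python
import re

ADDR_RE = re.compile(r"0x[0-9a-fA-F]{40}")

def normalize(addr):
    """Return the lowercase 40-hex-digit body; raise on a malformed address.
    EIP-55 checksum casing is not verified here."""
    addr = addr.strip()
    if not ADDR_RE.fullmatch(addr):
        raise ValueError(f"not a 20-byte hex address: {addr!r}")
    return addr[2:].lower()

def classify_recipient(candidate, address_book, shown=4):
    """Compare a destination with a vetted address book (label -> address).
    ("trusted", label)   : all 40 hex digits match a vetted entry
    ("lookalike", label) : only the first/last `shown` digits match, i.e. it
                           looks identical in a truncated 0x1234...abcd display
    ("unknown", None)    : no resemblance to any vetted entry
    """
    cand = normalize(candidate)
    lookalike_of = None
    for label, known in address_book.items():
        ref = normalize(known)
        if cand == ref:
            return ("trusted", label)
        if cand[:shown] == ref[:shown] and cand[-shown:] == ref[-shown:]:
            lookalike_of = label
    return ("lookalike", lookalike_of) if lookalike_of is not None else ("unknown", None)

def poisoned_entries(history, address_book, shown=4):
    """Return history rows whose counterparty imitates a vetted address."""
    return [row for row in history
            if classify_recipient(row["counterparty"], address_book, shown)[0] == "lookalike"]

# Constructed sample data (not addresses from the incident).
TRUSTED = "0x1A2b" + "c" * 32 + "9F0e"
LOOKALIKE = "0x1a2b" + "d" * 32 + "9f0e"
UNRELATED = "0x" + "7" * 40
ADDRESS_BOOK = {"treasury": TRUSTED}
HISTORY = [
    {"counterparty": TRUSTED, "value": 5_000_000},
    {"counterparty": LOOKALIKE, "value": 0},
    {"counterparty": UNRELATED, "value": 120},
]

if __name__ == "__main__":
    for row in poisoned_entries(HISTORY, ADDRESS_BOOK):
        print("do not copy from history:", row["counterparty"])
```

Running the same classification at signing time, against an address book maintained outside the wallet's transaction history, means a lookalike copied from recent activity is rejected before funds move.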


AUTOSEC.DEV Solution: Building a 360-Degree Defense

To counter hybrid attacks involving "Web2 Breach + Web3 Monetization," AUTOSEC.DEV provides comprehensive protection from code to personnel:

  1. Team OPSEC (Operations Security) Audit & Hardening: We provide enterprise-grade security training and configuration for core Web3 team members. We assist teams in deploying security hardware and risk detection software to increase the difficulty of social engineering attacks, while auditing password management protocols and device security policies.
  2. End-to-End Incident Response (IR): In an emergency, every second of confusion amplifies the loss. AUTOSEC.DEV provides standardized SOPs (Standard Operating Procedures) and rapid response services tailored to specific business needs to help projects mitigate losses quickly.

Reference

https://x.com/PeckShieldAlert/status/2029373059833188524