A wallet connected to Sillytuna lost roughly $24 million in aEthUSDC through an address poisoning attack, according to PeckShield Alert. The exploit saw the victim send 23.6 million aEthUSDC (valued at approximately $23.6 million) to a malicious contract on Aave, with the funds quickly bridged and staged in two attacker-controlled wallets holding around $10 million each in DAI.
The attack unfolded on March 4, 2026, with the transaction confirmed at block 24585515 on Ethereum. On-chain data shows the victim interacted with Aave V3, transferring the full amount to a seemingly legitimate address that turned out to be attacker-controlled. The two main staging wallets now hold a combined $20 million in DAI, while smaller amounts have already been bridged to Arbitrum, likely in preparation for further laundering.
Victim transfers funds to poisoned address
Address poisoning relies on tricking users into copying a malicious address from transaction history instead of their own. In this case, the victim sent the entire position to the poisoned address, which forwarded it to the attacker. PeckShield identified the funds sitting idle in the two wallets, with no immediate mixing activity reported beyond the initial bridging.
Funds staged in attacker wallets
The two primary attacker addresses hold roughly $10 million each in DAI, totalling $20 million of the stolen amount. Blockchain explorers show no further outflows yet, but the bridging to Arbitrum indicates the attacker is moving to layer-2 chains, possibly to obscure the trail.
The remaining $4 million in value likely covers fees, bridging costs, or smaller splits. PeckShield continues monitoring for any subsequent mixing or cross-chain transfers.
The incident highlights the persistent risk of address poisoning in DeFi, where users lose access to funds through subtle wallet manipulation rather than private key compromise. No further details on the victim’s identity or recovery efforts were available.
Meanwhile, PeckShield revealed that December 2025 brought a sharp decline in crypto hack losses, dropping 60% from November’s $194.2 million to approximately $76 million across 26 major exploits.
Enjoyed this piece? Bookmark DeFi Planet, explore related topics, and follow us on Twitter, LinkedIn, Facebook, Instagram, Threads and CoinMarketCap Community for seamless access to high-quality industry insights.
“Take control of your crypto portfolio with MARKETS PRO, DeFi Planet’s suite of analytics tools.”
