Trust Wallet Deploys Address‑Poisoning Protection on 32 EVM‑Compatible Blockchains
March 10 2026 – Cointelegraph
Trust Wallet, one of the most widely used non‑custodial mobile wallets, announced the rollout of a new security layer aimed at curbing “address‑poisoning” scams. The feature, which automatically screens outgoing transactions against a curated list of malicious and look‑alike addresses, will be active on 32 Ethereum Virtual Machine (EVM)‑compatible networks, including Ethereum, BNB Smart Chain, Polygon, Optimism, Arbitrum, Avalanche and Base.
What is address‑poisoning?
Address‑poisoning is a phishing variant that exploits the habit of users copying a destination address from their transaction history. Attackers first send a tiny amount of cryptocurrency to a victim’s wallet, hoping the victim will later reuse the address when sending a larger transfer. Because the attacker’s address is now part of the victim’s recent activity, the likelihood of a copy‑and‑paste error rises dramatically.
Industry data points to a rapid escalation of this threat. Since the technique gained prominence in late‑2024, more than 225 million malicious attempts have been recorded, resulting in confirmed losses exceeding $500 million. High‑profile cases include a $50 million USDT drain in December 2025 and a $68 million scam reported earlier this year.
How Trust Wallet’s protection works
- Automated address verification – Before a transaction is broadcast, the wallet cross‑references the entered destination with a real‑time database of known poison addresses and look‑alike contracts.
- User warning and block – If a match is found, Trust Wallet prevents the transaction from being sent and presents a clear warning, allowing the user to verify the address manually.
- Broad chain coverage – The initial rollout spans 32 EVM‑compatible chains, covering the majority of DeFi activity and popular NFT ecosystems. Future updates are expected to expand coverage to additional Layer‑2 solutions.
The protection feature is built into the mobile app and will be synchronized with Trust Wallet’s cloud‑based threat intelligence feed, ensuring that newly identified scam addresses are incorporated promptly.
Industry reaction
The move arrives amid growing pressure from prominent figures in the crypto space to improve wallet security. Former Binance CEO Changpeng Zhao (CZ) publicly urged all wallet providers to implement address‑poisoning checks, emphasizing that a simple blockchain query could block many fraudulent transactions.
Other wallet providers have already introduced comparable safeguards. Rabby Wallet, Zengo, and Phantom have launched transaction‑filtering tools that alert users to suspicious destinations, though the breadth of coverage varies.
Security firm Hacken’s Extractor team recently reminded investors that copying addresses from transaction logs remains a risky practice and recommended using QR codes or address book entries instead.
Analysis
Mitigating a fast‑growing attack vector
Address‑poisoning has quickly become one of the most lucrative tactics for crypto scammers, outpacing traditional phishing emails and social‑engineering calls. By integrating automated checks directly into the transaction flow, Trust Wallet addresses the problem at the point of execution, reducing reliance on user vigilance alone.
Potential impact on loss figures
If the protection feature successfully prevents even a fraction of the estimated $62 million lost to address‑poisoning attacks in the past six months, the cumulative savings for users could be substantial. However, the efficacy will depend on the comprehensiveness and freshness of the underlying blacklist, as attackers constantly generate new addresses.
Competitive pressure on wallet developers
Trust Wallet’s announcement may accelerate the adoption of similar safeguards across the wallet ecosystem. As users become accustomed to built‑in anti‑poisoning warnings, wallets that fail to implement comparable measures could see reduced adoption or heightened scrutiny from regulators and security auditors.
Limitations to consider
- False positives – Over‑aggressive filtering could block legitimate transactions to newly created contracts or addresses not yet indexed.
- Database reliance – The system’s success hinges on continuous updates from threat‑intel partners; any lag could expose users to the latest scams.
- User behavior – While the feature mitigates accidental address reuse, it does not replace the need for best‑practice habits such as verifying addresses via trusted sources.
Key takeaways
| Point | Detail |
|---|---|
| Feature | Automatic screening of outgoing addresses against a scam‑address database. |
| Coverage | Initially 32 EVM‑compatible chains (Ethereum, BNB Smart Chain, Polygon, Optimism, Arbitrum, Avalanche, Base, etc.). |
| Motivation | Address‑poisoning attacks have caused >$500 M in losses, with 225 M+ attempts documented. |
| Industry context | Prompted by calls from leaders like CZ; similar tools already exist in Rabby, Zengo, Phantom. |
| Potential benefits | Reduced accidental transfers to malicious wallets, lower user‑level losses, enhanced trust in non‑custodial solutions. |
| Challenges | Maintaining an up‑to‑date blacklist, managing false positives, encouraging safer user habits. |
Outlook
Trust Wallet’s address‑poisoning protection marks a notable step toward hardening the user experience on non‑custodial platforms. As the feature matures and expands to additional chains, its real‑world impact will be measured by the reduction in successful scams and by user feedback on transaction flow. The broader crypto ecosystem is likely to follow suit, with more wallets integrating proactive threat detection to safeguard the rapidly growing DeFi and NFT markets.
Source: https://cointelegraph.com/news/trust-wallet-address-poisoning-protection-32-evm-chains?utm_source=rss_feed&utm_medium=feed&utm_campaign=rss_partner_inbound
