According to Lopp's Feb 6 article, the threat actors generate BTC addresses that match the first and last digits of addresses from the victim's transaction history. Lopp analyzed the Bitcoin blockchain history for this type of attack and found:
Quote
Sources
Jameson Lopp sounds alarm on Bitcoin address poisoning attacks
Referenced by
Jameson Lopp explained that attackers generate Bitcoin addresses matching the first and last characters of legitimate user addresses to deceive users
Crypto news
Claim
