Former Binance CEO CZ Calls Out Etherscan Over Address Poisoning Scam Display

Changpeng Zhao, the former CEO of Binance, has publicly criticized Etherscan for its handling of spam transactions linked to address poisoning scams, arguing that blockchain explorers should completely filter out these malicious transfers from user interfaces.

CZ Advocates for Automatic Spam Filtering

In a post on X (formerly Twitter), CZ stated that TrustWallet has already implemented filtering technology to remove zero-value poisoning transactions from view, while Etherscan continues to display these fraudulent entries that overwhelm user wallets with spam. His comments highlight a growing concern within the cryptocurrency community about how blockchain explorers present transaction data to users.

The criticism came after a user known as Nima reported receiving 89 address-poisoning email alerts in less than 30 minutes following just two stablecoin transfers on the Ethereum network. The incident underscores the aggressive and automated nature of these scam campaigns.

How Address Poisoning Attacks Work

These attacks exploit the transferFrom function to initiate zero-value token transfers that generate transfer events visible in victim transaction histories. Because every address defaults to zero value approval, attackers can emit these events without requiring actual token movement or permissions.

Attackers enhance their success rates by combining zero-value transfers with address spoofing. The fraudulent addresses are designed to match the first and last characters of legitimate addresses, making them appear authentic at first glance. When users quickly copy addresses from their transaction history to send funds, they risk selecting the attacker-controlled lookalike address instead of their intended recipient.

Etherscan has issued warnings about these attacks, which specifically target users' tendency to reference recent transaction history when initiating transfers. Following the attack on his wallet, Nima cautioned that "so many will fall victim to this" given the sophisticated and automated nature of the campaign.

Differences Across Block Explorers

User Xeift provided important clarification regarding how different blockchain explorers handle these transactions. While Etherscan hides zero-value transfers by default, both BscScan and Basescan require users to manually click a "hide 0 amount tx" button to remove address poisoning attack transactions from view.

This inconsistency in default settings creates vulnerability gaps, as some users remain exposed to spam that could result in funds being sent to attacker-controlled addresses.

Future Implications and Additional Risks

CZ acknowledged that aggressive filtering could potentially impact legitimate micro transactions between AI agents in the future. He suggested that artificial intelligence could be deployed to distinguish genuine zero-value transfers from malicious spam.

Beyond address poisoning, Dr. Favezy highlighted additional risks associated with token swaps. A recent swap from a 0x98 wallet reportedly converted $50 million into just $36,000, raising serious questions about routing mechanisms and liquidity source selection. "I really hope AI agents will be able to route through the right routers and best liquidity sources to avoid situations like this," Favezy wrote.

Scale of the Threat

Nima's experience demonstrates the industrial scale these attacks have reached. 89 poisoning attempts in 30 minutes from merely two legitimate transfers reveals how attackers deploy automated systems to target thousands of addresses simultaneously whenever they detect stablecoin or token movements on-chain.

The incident has reignited discussions about the responsibility of blockchain infrastructure providers to protect users from increasingly sophisticated scam techniques while maintaining the transparency that defines blockchain technology.