Ethereum’s ‘Fusaka’ Upgrade Backfires: Low Fees Fuel $514K Address Poisoning Spree
A record 2.9 million daily transactions on Ethereum is mostly spam, as attackers exploit the Fusaka upgrade’s low fees to steal over $500,000.
Record on-chain activity masks a coordinated attack vector, not adoption.
Ethereum’s transaction count hit an all-time high of 2.9 million this week, but the data is a mirage. Security researcher Andrey Sergeenkov identified a massive address poisoning campaign responsible for the surge, exploiting the network’s recently lowered fees to spray millions of wallets with fraudulent “dust.”
The campaign claimed a major victim on January 17. A trader lost 514,000 USDT after falling for a spoofed address, a direct consequence of the industrial-scale spamming enabled by the December 2025 “Fusaka” upgrade.
The Receipt: Weaponized Efficiency
The attack vector is economic, not cryptographic. The Fusaka upgrade (Fulu + Osaka) successfully reduced blob and execution fees to incentivize Layer 2 scaling. Attackers immediately arbitraged this efficiency.
According to Sergeenkov’s analysis of the January spike:
- 67% of new Ethereum addresses received less than $1 in stablecoins as their first transaction.
- 3.8 million wallets were “dusted” by automated smart contracts.
- The cost to execute these attacks dropped ~60% post-upgrade, turning a previously expensive scam into a high-volume dragnet.
The Fusaka update made spam transactions truly cheap, with regular ETH transfers under $0.01… turning what was otherwise a low probability scam into an economically viable strategy.
The $514K Error
On-chain security firm CyversAlerts documented the January 17 theft. The victim intended to move funds to a known wallet ending in D3E6F. Attackers, detecting the pattern, generated a vanity address ending in f3e6F and spammed the victim’s wallet with negligible USDT transfers.
The victim sent a 5,000 USDT test transaction to the poisoned address (which appeared in their transaction history). When the test confirmed, they sent the remaining 509,000 USDT. The funds were immediately routed to Tornado Cash.
Market Reality
ETH traded flat at $3,202 (-2.8%), ignoring the “record” activity metrics. Investors and analysts now face a corrupted data set; daily active user (DAU) and transaction counts, standard metrics for network health, are currently indistinguishable from bot activity.
