Binance founder targets block explorers over spam display
Changpeng Zhao, the former CEO of Binance, has taken aim at block explorers like Etherscan for how they display spam transactions from address-poisoning scams. This criticism comes after Etherscan itself warned users about a particularly aggressive campaign where one victim received 89 address-poisoning emails in under half an hour.
CZ seems to think the problem has straightforward solutions. He points to existing filters as viable options, specifically mentioning that solutions already implemented in Trust Wallet “should be simple to filter them out completely.” It’s interesting that he’s highlighting a competitor’s product here, but perhaps he sees it as a model worth following.
Fusaka upgrade linked to increased attacks
Market analysts have connected the recent surge in address poisoning attacks to Ethereum’s Fusaka upgrade, which went live on December 3, 2025. The upgrade was supposed to reduce transaction costs on the network, but it’s had an unintended consequence: scammers can now send large volumes of poisoning transactions much more cheaply.
The data seems to back this up. Ninety days after the upgrade, Ethereum’s daily transaction volume jumped by 30% compared to the 90 days before. New daily addresses increased by about 78%, and there was a noticeable rise in small-value dust transfers too.
Etherscan acknowledges that address poisoning isn’t new—it’s been around for years on Ethereum. But they note that recent incidents “highlight how automated and high-volume these campaigns have become.” That automation is what makes them so pervasive now.
The economics of poisoning attacks
A study looking at address poisoning found something staggering: 17 million poisoning attempts targeting roughly 1.3 million Ethereum users, with confirmed losses of at least $79.3 million over about two years. That’s a lot of money, but what’s really surprising is how these attacks work economically.
The success rate for each individual poisoning attempt is incredibly low—around 0.01%. That means only 1 out of every 10,000 users actually falls for the scam. But here’s the thing: the cost of thousands of failed attempts can be easily covered by a single successful attack involving large sums. It’s a numbers game, and scammers are playing it efficiently.
Another unexpected finding from 2025 research shows that different attack groups often compete with each other. In many poisoning attacks, multiple attackers send their poison transfers to the same address at roughly the same time. Etherscan explains that “whoever succeeds first increases the chances that their address will later be copied.” In one example they shared, 13 poison transfers were sent shortly after a legitimate USDT transfer.
Different approaches to the problem
Etherscan has been advising users to take certain precautions. They suggest using private name tags for frequently interacted addresses and recommend domain names like ENS to make addresses easier to recognize across the explorer. These are practical steps, but they rely on user vigilance.
CZ, however, seems to favor a more automated approach. He’s highlighting Trust Wallet’s existing filters as a model solution. Just a few days ago, Trust Wallet introduced what they call “address poisoning protection”—a security feature that checks every destination address before you send and warns you when something looks wrong.
The system runs automatic real-time checks using a database of known scams and lookalike addresses. For high-severity threats, users get a blocking warning before a transaction is submitted, complete with a side-by-side comparison of the address they’re about to send to and the legitimate address it mimics.
This protection is available on 32 EVM chains at launch, including Ethereum Mainnet, BNB Smart Chain, Polygon, Optimism, Arbitrum One, and others. CZ points to this mechanism as a good example that other wallets and explorers could emulate.
Looking ahead, CZ has also expressed concerns about future microtransactions between AI agents. He predicts AI will need to handle spam detection in that context too. It’s an interesting point—if AI agents are going to be transacting with each other autonomously, they’ll need robust spam filters built in from the start.
The debate here seems to be about responsibility. Should block explorers do more to filter out obvious scams, or is that primarily the wallet’s job? Etherscan provides the raw data, while wallets like Trust Wallet are implementing protective layers. Perhaps the answer lies somewhere in between, with multiple layers of protection working together.
