Phantom’s in-app messaging feature is facing scrutiny after a phishing attack drained around $264,000 in Wrapped Bitcoin through an address poisoning scam.
Blockchain investigator ZachXBT flagged a transfer of 3.5 Wrapped Bitcoin from one wallet to another on Wednesday, describing the transaction pattern as consistent with address poisoning rather than a private key compromise.
ZachXBT urged Phantom to improve its interface, calling the messenger feature a “new method for people to get drained,” and warning that the app failed to filter spam transactions that enable such scams.
Address poisoning involves scammers sending small transfers to a target wallet so their malicious address appears in the victim’s transaction history, increasing the likelihood that users will mistakenly copy and paste the fraudulent address.
Another X user, Kill4h, reported two similar incidents involving transfers of $136 and $101 in USDC, underscoring broader concerns about wallet user experience and transaction visibility.
Binance co-founder Changpeng Zhao previously called for stronger wallet safeguards after a $50 million address poisoning incident in December 2025, writing;
“All wallets should simply check if a receiving address is a ‘poison address,’ and block the user,”
And adding:
“Lastly, wallets should not even display these spam transactions anywhere. If the value of the tx is small, just filter it out.“
Security firms including Hacken and Cyvers have since urged wallet providers to introduce pre-transaction risk checks, address similarity detection and clearer warnings before signing, while advising users to rely on verified address books rather than copying wallet details from transaction histories.
At the time of reporting, Wrapped Bitcoin price was $67,533.31.