An address poisoning attack led to a $12.4M crypto loss after funds were sent to a lookalike address, per @web3_antvirus. Onchain data shows the victim wallet has been active for over 5y and previously held significant positions in Compound, indicating an experienced user. The attacker inserted a fake address into the transaction history via a small transfer. When the victim later copied an address from history, the funds were sent to the attacker. [Brought to you by @web3_antivirus]