On-chain cyber attacks frequently affect the Ethereum and BNB (Binance Smart Chain) blockchains, but not Bitcoin.
The difference between Bitcoin, Ethereum, and Binance Smart Chain
The scams in the crypto field do not occur only by directly attacking users, or trying to convince them to effectively give their funds to the scammers.
There are also scams that are perpetrated directly on-chain, with real cyber attacks. In this case, more often than not, it is actually thefts rather than scams, which exploit technical and IT vulnerabilities of smart contracts.
It should be specified, however, that on the blockchain of Bitcoin there are not many vulnerabilities that hackers can exploit.
In fact, on chains like Ethereum or BNB there are many thousands of smart contracts, whose code has not always been tested sufficiently.
And so the famous Bitcoin developer Jameson Lopp revealed that the difference is vast.
A recent study found over 270 million address poisoning attempts on BNB Chain and Ethereum between July 1, 2022, and June 30, 2024. Of those, 6,000 attempts were successful, leading to losses of over $83 million.
La mia ricerca ha trovato 50.000 tentativi simili su BTC con 1 successo.
— Jameson Lopp (@lopp) May 26, 2025
He cited the results of a recent study that between July 1, 2022, and June 30, 2024, detected 50,000 attack attempts on Bitcoin, compared to over 270 million attempts against BNB Chain and Ethereum.
But the biggest difference is that only one attack attempt on Bitcoin has been successful, compared to even 6,000 that have been successful on BNB Chain and Ethereum.
These attacks in total would have generated losses of over 83 million dollars.
Blockchain Address Poisoning
Lopp cites a study whose results were published in January.
It specifically concerns the so-called “Blockchain Address Poisoning” attacks, which are directed towards the addresses to which the funds are sent.
The research points out that in many blockchains, such as Ethereum and Binance (BNB Chain), the primary representation used for wallet addresses is a 40-digit hexadecimal string that is difficult to memorize.
This inevitably leads users to often select addresses for receiving funds directly from their recent transaction history, and this makes Blockchain Address Poisoning possible.
The attacker can indeed generate addresses similar to the one the victim previously interacted with, and then interact with the victim to “poison” their transaction history.
The goal is to ensure that the victim ends up mistakenly sending tokens to the attacker’s address, instead of the intended recipient, if they do not directly enter the recipient’s address but select it from the history.
The research reveals over the span of two years a number of attack attempts on Ethereum and BSC 13 times higher than previously reported, namely 270 million on-chain attacks targeting 17 million victims. Of these attacks, 6,633 resulted in losses of at least 83.8 million dollars.
This makes Blockchain Address Poisoning in fact one of the major crypto phishing schemes in the world.
Lopp then repeated the research on the Bitcoin blockchain, detecting only 50,000 attacks in the same period, of which only one was successful.
Why Bitcoin is attacked less
It must be stated, however, that the comparison with Lopp’s data might also, in theory, not be perfectly correct. In fact, it is not known if the Bitcoin developer used the same methodology as the research on Ethereum and BNB.
However, it should also be said that regarding on-chain transactions in Bitcoin, a different address is often used for each reception, so much so that the best wallets, when displaying a reception address at the user’s request, always propose a different one.
This practice, however, is not followed by altcoin wallets, particularly those of Ethereum, so much so that the receiving address often remains the same. At that point, it is obvious that the user selects the address from the history, while on Bitcoin wallets, it is common to have it provided by the wallet itself, which generally offers a new one each time.
It would therefore not be a technical problem, but only a different approach of the wallets to the way in which the various incoming transactions are managed. Moreover, many altcoin wallets also support Bitcoin, and in fact suggest to the user to always use the same address.
