Woofun AI reports that MetaMask has deployed an address poisoning attack detection mechanism designed to identify malicious addresses that closely resemble those users have previously engaged with. This security enhancement directly counters a prevalent threat vector where attackers transmit negligible token amounts to victim wallets, thereby inserting deceptive entries into transaction histories to induce erroneous fund transfers.

The urgency of this update is underscored by Blockaid security metrics, which recorded over 65.4 million address poisoning incidents between January 2025 and February 2026. The newly implemented feature automatically cross-references user-inputted addresses against historical interaction logs. Should the system detect matching initial and terminal characters with divergent middle segments, it triggers a blocking alert during the transaction flow.

Concurrently, MetaMask has expanded the visible character count for addresses to minimize confusion. These improvements are now active on both MetaMask Mobile and the browser extension.