Crypto Thief Returns $71 Million in Ethereum Following Wallet Poisoning Scam
Summary:
In a surprising reversal, a fraudster has returned $71 million worth of stolen cryptocurrency in Ether (ETH) tokens following a wallet poisoning scam. The funds were returned after several blockchain investigation firms, led by Lookonchain, began an enquiry into the matter, tracking the possible attacker's IPs to Hong Kong. The thief started spreading the digital currency across different wallets after converting it into ETH, but eventually returned the assets. This sudden return was presumably prompted by potential consequences cited by security firm SlowMist.
In an unexpected twist, cryptocurrencies valued at $71 million that had been swiped in a recent wallet poisoning scam have been returned to the rightful owner. The fraudster behind the incident returned $71 million in Ether (ETH) tokens on May 12 after the high-profile fraud drew the attention of a number of blockchain investigation agencies. Lookonchain, a firm specialising in on-chain security, outlined the events in a May 13 post. It had released a report three days prior, tracking potential attacker IPs from Hong Kong, although the use of VPNs is not excluded. Following that report, the attacker responded to the whale and returned all the funds.
This surprising development comes in the wake of a May 3 attack when $71 million in Wrapped Bitcoin (WBTC) was unwittingly transferred to a decoy wallet by an investor, falling prey to a wallet-poisoning scam. The wrongdoer engineered a wallet address with alphanumeric characters resembling those of the victim’s account, to which they then transferred a small amount.
As most investors do, the victim verified the wallet address by cross-referencing the first and last characters before transferring 97% of their wealth. However, an anomaly in the middle characters, usually hidden on platforms for aesthetic reasons, could have given the scam away.
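Added example, not part of the original article: a pre-transfer check that compares the full destination address against a list of trusted addresses and flags one that matches only at the visible first and last characters, plus a scan of transaction history for tiny incoming transfers from such lookalikes. The function names, display widths, dust threshold and all sample addresses are constructed assumptions.

```python
import re

ADDR_RE = re.compile(r"^0x[0-9a-fA-F]{40}$")

def normalise(addr):
    """Validate a 20-byte hex address and lower-case it for comparison."""
    if not ADDR_RE.match(addr):
        raise ValueError(f"not a 20-byte hex address: {addr!r}")
    return addr.lower()

def display(addr, head=6, tail=4):
    """Shortened form many interfaces show, e.g. 0xd9a1...1f53 (assumed widths)."""
    a = normalise(addr)
    return f"{a[:head]}...{a[-tail:]}"

def check_destination(dest, trusted, head=6, tail=4):
    """Classify dest as 'ok', 'lookalike' or 'unknown' against trusted addresses."""
    d = normalise(dest)
    known = {normalise(t) for t in trusted}
    if d in known:
        return "ok", d
    for t in sorted(known):
        # Same visible ends, different full value: the poisoning pattern.
        if display(t, head, tail) == display(d, head, tail):
            return "lookalike", t
    return "unknown", None

def poisoned_history_entries(history, trusted, dust_limit_wei):
    """Incoming dust transfers whose sender imitates a trusted address."""
    hits = []
    for tx in history:
        status, imitated = check_destination(tx["from"], trusted)
        if status == "lookalike" and tx["value_wei"] <= dust_limit_wei:
            hits.append((normalise(tx["from"]), imitated))
    return hits

# Constructed sample data: none of these are real addresses.
TRUSTED = ["0xd9a1" + "b3" * 16 + "1f53"]
LOOKALIKE = "0xd9a1" + "c7" * 16 + "1f53"   # same ends, different middle
UNRELATED = "0x" + "ab" * 20
HISTORY = [
    {"from": LOOKALIKE, "value_wei": 0},
    {"from": UNRELATED, "value_wei": 10**18},
]

if __name__ == "__main__":
    print(display(TRUSTED[0]), "vs", display(LOOKALIKE))
    print(check_destination(LOOKALIKE, TRUSTED))
    print(poisoned_history_entries(HISTORY, TRUSTED, dust_limit_wei=10**12))
```

A "lookalike" result means the shortened display is identical to a trusted address while the full value is not, so the transfer should be blocked until the full address is confirmed through a separate channel.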
While all stolen funds were returned, on-chain transactions preceding this event indicate it wasn't the initial plan of the perpetrator. Upon acquiring the stolen wealth, the fraudster swiftly swapped the 1,155 WBTC for about 23,000 ETH. This is a common tactic employed by cybercriminals for laundering ill-gotten gains via privacy protocols and crypto mixing services, including Tornado Cash.
Starting May 8, they dispersed the funds across a network of over 400 cryptocurrency wallets. This continued, with the total number of wallets eventually exceeding 150 before the funds were inexplicably returned.
Alerts from on-chain security firm SlowMist that IPs from Hong Kong could be linked to the attacker followed shortly after the funds’ return. The release of this analysis may have deterred the thief.
This specific heist of $71 million is just one of many attempted in tandem with WBTC phishing, as per a report released by SlowMist on May 10. Upon further investigation, they found that this specific fee address initiated over 20,000 small transactions from April 19 to May 3, sending tiny amounts of ETH to various addresses in an attempt to deceive potential victims.
April saw digital currency stolen through scams and hacks plunge to $25.7 million, according to data from on-chain intelligence firm CertiK. This marks the lowest recorded theft since 2021, when CertiK began tracking these activities.
Published At
5/13/2024 3:17:01 PM
Disclaimer: Algoine does not endorse any content or product on this page. Readers should conduct their own research before taking any actions related to the asset, company, or any information in this article and assume full responsibility for their decisions. This article should not be considered as investment advice. Our news is prepared with AI support.