Victim Recovers 80% of Stolen Ether in Rare Act of Cybercriminal Reimbursement
Summary:
In an unexpected twist, a user who lost 1,807 Ether ($6.91 million) to the known phishing group Inferno Drainer has recovered 80% of the stolen assets. The recovery was facilitated by Inferno Drainer itself, in a rare act of 'criminal remorse'. The scam exploited the Ethereum permit feature, which allows transfers to be executed with an off-chain authorization signature. SlowMist, a blockchain analytics firm, advised users to frequently check for unusual authorizations using tools like RevokeCash and report them immediately. The increase in such scams has sparked conversations about user carelessness with their assets.
In a rare turn of events, a significant portion of stolen Ether (ETH) has been returned to its owner, who lost 1,807 liquid staked Ether, valued at $6.91 million, on May 26. In an unlikely display of cybercriminal ethics, Inferno Drainer, a known phishing group, is said to have reimbursed the stolen Ether, as reported by Yu Xian, co-founder of the blockchain analytics firm SlowMist. The victim received back 1,445 Ether, 80% of the stolen assets, while the scammers retained a 20% 'finder's fee'.
Scam Sniffer, which reported the recovery, stated that the wallet involved was compromised through a permit phishing scheme. With this tactic, fraudsters obtain a valid off-chain authorization signature and use it to transfer ERC-20 tokens out of a wallet that is not their own.
SlowMist explains that the phishing strategy exploited an overlooked Ethereum feature, introduced via EIP-2612, which allows users to interact with smart contracts without prior authorization, needing only an attached authorization signature. The catch is that the permit function can be called from any account, regardless of who owns it. Consequently, even if users did not authorize any operations, once their wallet signatures are leaked on phishing sites, attackers can exploit this loophole to drain tokens from their wallets.
To guard against similar attacks, SlowMist advised frequent use of authorization tools like RevokeCash and https://app.scamsniffer.io/permit2. These tools surface any unusual authorizations, which should be revoked immediately upon detection.
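The following JavaScript is an added example, not code from the article, SlowMist or Scam Sniffer: a check that a wallet or browser extension could run on an eth_signTypedData_v4 payload to recognise the EIP-2612 Permit described above before the user signs it. The function names, the allowlist, the one-hour threshold and the sample addresses are assumptions constructed for illustration.

```javascript
// Added example: flag EIP-2612 Permit payloads in an eth_signTypedData_v4 request.
// TRUSTED_SPENDERS, the one-hour threshold and SAMPLE_REQUEST are constructed assumptions.
const MAX_UINT256 = (1n << 256n) - 1n;
const PERMIT_FIELDS = ["owner", "spender", "value", "nonce", "deadline"];

// EIP-2612 defines Permit(owner, spender, value, nonce, deadline) as the signed struct.
function isEip2612Permit(typedData) {
  const fields = (typedData.types?.[typedData.primaryType] || []).map((f) => f.name);
  return typedData.primaryType === "Permit" &&
    PERMIT_FIELDS.every((name) => fields.includes(name));
}

function inspectSigningRequest(typedData, trustedSpenders, nowSeconds) {
  if (!isEip2612Permit(typedData)) return { isPermit: false, warnings: [] };
  const { spender, value, deadline } = typedData.message;
  const warnings = [];
  if (!trustedSpenders.has(String(spender).toLowerCase())) {
    warnings.push("spender is not on the allowlist");
  }
  if (BigInt(value) === MAX_UINT256) {
    warnings.push("unlimited allowance requested");
  }
  // A signed permit can be submitted by any account until the deadline passes.
  if (BigInt(deadline) - BigInt(nowSeconds) > 3600n) {
    warnings.push("deadline is more than one hour away");
  }
  return { isPermit: true, token: typedData.domain.verifyingContract, spender, warnings };
}

// Constructed sample request (addresses are placeholders, not real contracts).
const SAMPLE_REQUEST = {
  primaryType: "Permit",
  types: { Permit: [
    { name: "owner", type: "address" }, { name: "spender", type: "address" },
    { name: "value", type: "uint256" }, { name: "nonce", type: "uint256" },
    { name: "deadline", type: "uint256" } ] },
  domain: { name: "Sample Token", version: "1", chainId: 1,
    verifyingContract: "0x1111111111111111111111111111111111111111" },
  message: { owner: "0x2222222222222222222222222222222222222222",
    spender: "0x3333333333333333333333333333333333333333",
    value: MAX_UINT256.toString(), nonce: "0", deadline: "1800000000" },
};
const TRUSTED_SPENDERS = new Set(["0x4444444444444444444444444444444444444444"]);

console.log(inspectSigningRequest(SAMPLE_REQUEST, TRUSTED_SPENDERS, 1716800000));
```

A signing request that produces any warning is one to reject or show to the user in full before the signature leaves the wallet.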
Not everyone was sympathetic toward the victim. DeFi commentator ZachXBT retorted, "How do you get phished last year for $638K and then again this year for $6.9M. Some people are just careless with their assets."
In March, Cointelegraph reported a disturbing 53% increase in cryptocurrency-related scams since last year. The FBI reported that in 2023 these scams accounted for 86% of all investment fraud cases across the United States.
Published At
5/27/2024 5:40:34 PM