Monday, May 20, 2024
Latest:
Crypto NewsCybersecurity NewsNews

Scammer Returns Part of $71 Million Loot He Carted Via Wallet Poisoning

Sampson Gideon

Loading

The actor who stole over $71 million via wallet poisoning sent 51 ETH to the victim and a message asking for contact information via Telegram.

Interestingly, the scammer responsible for the attack contacted the victim and asked for their Telegram details before sending over a sum equivalent to approximately $151,600. The actor carried out the attack on the Ethereum blockchain via an input data message (IDM), a type of peer-to-peer messaging.

According to on-chain data provided by Etherscan, the scammer contacted the victim twice and asked for their Telegram contact information. This was initiated because the victim demanded that 90% of the stolen funds be returned on May 5. The 51 ETH returned by the scammer represents about 4.2% of the requested amount.

Additionally, the victim responded through an IDM, warning the scammer about the traceability of the stolen funds and demanding a return of 90%. The victim gave the scammer a deadline of May 6, 2024, at 10:00 am UTC to deliver the remaining amount.

The Initial Wallet Poisoning

The poisoning attack occurred when the scammer moved 1,155 WBTC, worth $71 million, to their address. In such attacks, the aim is to deceive the victim into repeating the fraudster’s address rather than their own. Attackers usually exploit vanity services or open numerous digital wallets with addresses resembling the victim’s to achieve a mistaken act.

However, the motives behind the scammer’s partial repayment and request for direct communication remain unclear. Nonetheless, blockchain sleuth ZachXBT noted that this form of communication and partial return of funds is unusual in such high-profile scams.

In August 2023, Binance’s former CEO Changpeng ‘CZ’ Zhao experienced a security incident and highlighted how effective scams can be. According to Zhao, scammers have become so proficient that they can produce addresses with the same starting and ending letters, which most people look for when making a cryptocurrency transfer.

Additionally, he wrote many wallets conceal the middle part of the address with ‘…’ to make the user interface more visually appealing, which scammers capitalize on by sending small transactions to the address, making it appear in the user’s wallet.