0
0
The Return of Stolen Funds by Crypto Scammer
An incident involving the theft of 1,155 Wrapped Bitcoin (WBTC), totaling $70.5 million, has taken an unexpected turn as the attacker has initiated the process of returning the stolen funds, recent on-chain data reveals. This development marks a significant shift in a case that had initially led to substantial losses for an unnamed crypto trader.
Initial Theft and Recovery Process
The theft was orchestrated through an address-poisoning phishing scheme, a common tactic used by cybercriminals to deceive individuals into transferring their digital assets to malicious addresses. Following the successful operation, the scammer promptly converted the pilfered WBTC into 22,956 ETH and proceeded to disperse the funds across numerous wallets to impede tracking efforts.
However, amidst these actions, the victim engaged in a dialogue with the perpetrator, proposing a deal that could potentially lead to the return of the majority of the stolen funds. The victim offered a 10% bounty to the scammer in exchange for 90% of the misappropriated assets, underscoring the futility of attempting to launder such a significant amount.
“We both know there’s no way to clean these funds. You will be traced. We also both understand the ‘sleep well’ phrase wasn’t about your moral and ethical qualities. Nevertheless, we officially acknowledge your right to the 10%. Send 90% back,” the victim conveyed.
As a result of these negotiations, the attacker has now returned 50% of the stolen funds, equating to approximately 11,446.87 ETH worth $34.7 million, back to the victim’s address. This partial refund signifies a promising development for the victim, who stood to lose a considerable amount following the initial breach.
Attacker’s Profile and Potential Involvement
Although the return of a portion of the stolen funds signals a positive step in the resolution of this incident, the attacker’s motives and potential involvement in similar illicit activities raise questions about their identity and broader scope of activities within the crypto space.
Security firm Slow Mist has hinted at the possibility of the scammer being linked to various phishing attacks targeting not only the WBTC network but also the Tron and Ethereum blockchains. The firm revealed that the attacker had engaged in a series of transactions designed for phishing purposes, with several IPs associated with the hacker originating from mobile stations in Hong Kong.
Given the intricate nature of the case and the implications it has for the affected parties, continued monitoring of the situation is imperative to ensure that all relevant aspects are duly addressed and resolved in a manner that upholds the integrity of the cryptocurrency ecosystem.
Image/Photo credit: source url
