top of page
Writer's pictureBlockonome Gnome

Phishing Scammer Returns $9.3M DAI to Victim Nearly a Year After Heist

The unexpected return of funds marks a rare twist in the world of crypto scams.


In an unusual twist, a phishing scammer has returned approximately $9.3 million to a victim, nearly a year after stealing $24 million in a phishing attack last September.

 

In an unusual twist, a phishing scammer has returned approximately $9.3 million to a victim, nearly a year after stealing $24 million in a phishing attack last September.

 

The return was first detected by Scam Sniffer on July 13, revealing that the scammer used the Dai (DAI) stablecoin to send the funds back across two transactions. The first transaction, amounting to $5.23 million, was made on July 8, followed by a second transfer of $4.04 million on July 13, as shown by Etherscan data.

 

This unexpected move comes ten months after the victim lost 9,579 Lido Staked Ether (stETH) and 4,850 Rocket Pool (rETH) tokens in a sophisticated phishing scam on September 6, 2023. The scam involved the victim unknowingly authorizing token approvals to the scammer by signing "Increase Allowance" transactions, which allowed the scammer to access and transfer the tokens.

 

The "Allowance" feature in ERC-20 tokens permits third parties to spend tokens on behalf of the owner, a loophole that has been exploited by malicious actors. Crypto market data platform CoinMarketCap and other industry experts have warned about this vulnerability, noting that it can enable anonymous developers to deploy malicious smart contracts to defraud users.

 

The returned $9.3 million represents a 38.4% refund based on the value at the time of the theft. However, given today's prices, the original 14,429 staked-Ether would be worth around $47.5 million.

 

Onchain analysis shows that the Dai used in the repayment came through an address associated with Railgun Relay, a privacy protocol intermediary, before being transferred to the victim.

 

Scam Sniffer also highlighted an onchain message from the hacker to the victim, using a different wallet address on July 6, saying, "Hello, I am the guy who took your money. I want to give the money back."

 

Following the $9 million transfer, the scammer's wallet still holds a little over $3 million, primarily in METAGALAXY LAND (MEGALAND) tokens from the BNB Chain.

 

Phishing scams have been a significant issue in the crypto world, with scammers stealing nearly $300 million from 324,000 victims in 2023 alone, according to Scam Sniffer's 2023 Wallet Drainers Report. Last year, Inferno Drainer and MS Drainer were particularly notorious, stealing $81 million and $59 million, respectively. In 2023, Pink Drainer emerged as a prominent phishing scammer, taking over $85 million before shutting down in May.

Comentarios


Top Stories

bottom of page