WBTC thief returns $71 million worth of WBTC after an investor fell victim to a wallet poisoning scam, losing $71 million worth of WBTC.
A fortunate but inexplicable turn of events has resulted in the restoration of cryptocurrencies worth $71 million that were stolen from a wallet poisoning scam that occurred not too long ago.
WBTC Thief Returns $71 Million Worth Of WBTC
As a result of the high-profile phishing incident that drew the attention of various blockchain investigative businesses, the WBTC thief returned Ether (ETH) tokens worth a total of $71 million on May 12th.
Lookonchain, an on-chain security company, published the following information in a post on May 13:
SlowMist_Team released a report on this incident 3 days ago, tracking multiple attacker’ IPs possibly from Hong Kong (the use of VPNs has not been ruled out). After that, the attacker replied to the whale and returned all the funds.”
This is a startling turn of events in relation to the attack that occurred on May 3, when an investor fell victim to a wallet poisoning scam after sending $71 million worth of wrapped bitcoin (WBTC) to an address that was a bait wallet.
The WBTC thief created a wallet address using characters similar to the victim’s wallet and then made a modest transaction to the victim’s account.
In the same manner as the majority of investors, the victim verified the wallet address by comparing the initial and final few characters and then moved 97% of their funds to the verified wallet address.
On the other hand, platforms frequently conceal the characters in the middle to enhance their visual attractiveness, making the change obvious.
Even though the WBTC thief returned all of the stolen funds previous on-chain transactions suggest that this was not their initial goal. Following receipt of the stolen cash, the perpetrator promptly converted the 1,155 WBTC into approximately 23,000 ETH.
This is a common practice among malevolent hackers, as it enables them to assist in the laundering of stolen funds through the use of privacy protocols and crypto mixing services such as Tornado Cash.
Beginning on May 8th, the attacker spread the funds over more than 400 cryptocurrency wallets, distributing them over more than 150 different wallets before returning the assets.
The on-chain security company SlowMist revealed the attacker’s potential Hong Kong-based IPs shortly after the recovery of the funds.
The analysis suggested that the thief became disheartened by the potential implications of their actions. The theft of $71 million is only a small portion of the phishing attempts related to the WBTC, according to an incident report that SlowMist conducted on May 10th.
“Upon investigating this fee address, we observed that from April 19 to May 3, this address initiated over 20,000 small transactions, distributing small amounts of ETH to various addresses for phishing purposes.”
Hacks and scams stole $25.7 million in cryptocurrency in April, the lowest amount since the on-chain intelligence service CertiK started collecting data in 2021.