Scammer Returns $9.3M DAI to Victim 10 Months After Phishing Attack
In an astonishing turn of events, a phishing scammer has unexpectedly returned nearly $9.3 million to a victim, almost a year after pilfering $24 million in a phishing assault last September. The restitution was first flagged by Scam Sniffer on July 13, revealing the scammer utilized the Dai (DAI) stablecoin to reimburse the funds across two transactions.
Detailed Transactions
The initial transfer occurred on July 8, amounting to $5.23 million. Subsequently, another $4.04 million was transferred on July 13 at 12:06 pm UTC, as per Etherscan data. This surprising act of restitution follows the victim’s loss of 9,579 Lido Staked Ether (stETH) and 4,850 Rocket Pool (rETH) tokens during the phishing scam on September 6, 2023.
Read more:Â Blockchain Scams Exposed: Stories from Victims and Lessons Learned
Scam Mechanics
The victim had inadvertently enabled token approvals to the scammer by signing “Increase Allowance” transactions, as detailed by Scam Sniffer’s post at the time of the incident. This allowance, an ERC-20 token feature, permits third parties to spend tokens owned by the approver, a vulnerability flagged by CoinMarketCap and other industry players as a potential loophole for deploying malicious smart contracts.
Market Impact and Value Discrepancies
The recent return of $9.3 million constitutes a 38.4% restitution of the funds based on the prices from September 6. However, the 14,429 staked Ether would be worth $47.5 million at today’s prices. Onchain data indicates the Dai was transferred from an address labeled as Railgun Relay, an intermediary for a privacy protocol, shortly before reaching the victim.
Hacker’s Communication
Scam Sniffer directed Cointelegraph to an onchain message from the hacker, who reached out to the victim via a different wallet address on July 6. The message stated, “Hello, I am the guy who took your money. I want to give the money back.” Etherscan data reveals that the scammer’s wallet address retains a little over $3 million after the $9 million transfer, with nearly 99% of those funds comprising the METAGALAXY LAND (MEGALAND) token from the BNB Chain.
Broader Context
Phishing scammers have siphoned nearly $300 million worth of crypto from 324,000 victims in 2023, according to Scam Sniffer’s 2023 Wallet Drainers Report. Among the most notorious phishing scammers of the year were Inferno Drainer and MS Drainer, who stole $81 million and $59 million, respectively. Pink Drainer emerged as one of the most prominent phishing scammers, amassing over $85 million before ceasing operations in May.
Stay informed with daily updates from Blockchain Magazine on Google News. Click here to follow us and mark as favorite: [Blockchain Magazine on Google News].
Get Blockchain Insights In Inbox
Stay ahead of the curve with expert analysis and market updates.
latest from tech
Disclaimer: Any post shared by a third-party agency are sponsored and Blockchain Magazine has no views on any such posts. The views and opinions expressed in this post are those of the clients and do not necessarily reflect the official policy or position of Blockchain Magazine. The information provided in this post is for informational purposes only and should not be considered as financial, investment, or professional advice. Blockchain Magazine does not endorse or promote any specific products, services, or companies mentioned in this posts. Readers are encouraged to conduct their own research and consult with a qualified professional before making any financial decisions.