A scammer who stole $24 million in a phishing attack last September has suddenly returned nearly $9.3 million to his victims.
The scammer, first discovered by Scam Sniffer on July 13, used the Dai (DAI) stablecoin to return funds in two transactions last week.
According to Etherscan data, the first transfer returned $5.23 million on July 8, followed by another $4.04 million on July 13 at 12:06 PM (UTC).
This comes 10 months after victims lost 9,579 Lido Staked Ether (stETH) and 4,850 Rocket Pool (rETH) tokens in a $24.2 million phishing scam on September 6, 2023.
The victim granted token authorization to the scammer by signing an “increase allocation” transaction, according to Scam Sniffer’s post at the time of the incident.
Permissioning (token approval) is an ERC-20 token feature that gives third parties the right to spend the owner’s tokens.
Cryptocurrency market data platform CoinMarketCap and other industry participants have pointed out this vulnerability, saying it could allow anonymous developers to deploy malicious smart contracts to scam users.
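A wallet or reviewer can check for the allowance mechanism described above before signing. The following Python is an added example, not code from the article or from Scam Sniffer: it decodes raw transaction calldata and flags calls that grant a spender rights over the signer's tokens. It assumes the “increase allocation” transaction corresponds to the `increaseAllowance(address,uint256)` call; the function names, the unlimited-amount threshold and the sample calldata are constructed for illustration.

```python
# Selectors of token calls that grant spending rights; both take (address,uint256).
ALLOWANCE_SELECTORS = {
    "095ea7b3": "approve",
    "39509351": "increaseAllowance",  # common extension, not part of core ERC-20
}
UNLIMITED_THRESHOLD = 2**255  # assumption: amounts this large count as "unlimited"


def decode_allowance_call(calldata_hex):
    """Return (function, spender, amount) for an allowance grant, else None."""
    data = calldata_hex.lower()
    if data.startswith("0x"):
        data = data[2:]
    if any(c not in "0123456789abcdef" for c in data):
        return None  # not valid hex
    # 4-byte selector + two 32-byte ABI words = 136 hex characters
    if len(data) != 136 or data[:8] not in ALLOWANCE_SELECTORS:
        return None
    spender_word = int(data[8:72], 16)
    amount = int(data[72:136], 16)
    if spender_word >> 160:
        return None  # upper 12 bytes of an address word must be zero
    return ALLOWANCE_SELECTORS[data[:8]], "0x%040x" % spender_word, amount


def review_before_signing(calldata_hex, known_spenders):
    """Return the warnings a wallet could show before the user signs."""
    call = decode_allowance_call(calldata_hex)
    if call is None:
        return []
    function, spender, amount = call
    warnings = ["%s lets %s spend your tokens" % (function, spender)]
    if spender not in known_spenders:
        warnings.append("spender is not on your allowlist")
    if amount >= UNLIMITED_THRESHOLD:
        warnings.append("amount is effectively unlimited")
    return warnings


# Constructed sample: increaseAllowance(0x1111...1111, 2**256 - 1)
SAMPLE = "0x39509351" + "0" * 24 + "11" * 20 + "f" * 64
# Constructed sample: transfer(address,uint256), which grants no allowance
TRANSFER = "0xa9059cbb" + "0" * 24 + "22" * 20 + "%064x" % 1000

if __name__ == "__main__":
    for line in review_before_signing(SAMPLE, known_spenders=set()):
        print("WARNING:", line)
```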
The recent $9.3 million return would equate to a fund return of 38.4% at September 6 prices, but the 14,429 staked ETH would have been worth $47.5 million at today’s prices.
According to on-chain data, the Dai passed through an address called Railgun Relay, which acts as an intermediary for privacy protocols, just before being sent to the victim.
Scam Sniffer reported to Cointelegraph that the hacker had sent an on-chain message to the victim on July 6 via a different wallet address.
“Hello, I am the person who took your money,” he said. “I would like to return it.”
According to Etherscan data, the scammer’s wallet address currently has just over $3 million in funds following the $9 million transfer.
Almost 99% of these funds are METAGALAXY LAND (MEGALAND) tokens on the BNB chain.
According to Scam Sniffer’s 2023 Wallet Emptying Report, phishing scammers stole approximately $300 million worth of cryptocurrency from 324,000 victims in 2023.
In 2023, Inferno Drainer and MS Drainer were the two most notorious phishing scams, stealing $81 million and $59 million respectively.
Pink Drainer was one of the most notorious phishing scams of the year, stealing over $85 million before it was shut down in May.