In an unexpected turn of events, a phishing scammer has returned nearly $9.3 million to a victim after stealing $24 million from them in a phishing attack last September. This development was first noticed by Scam Sniffer on July 13.
The scammer used the Dai (DAI) stablecoin to return the funds across two transactions last week. The first transfer, amounting to $5.23 million, was made on July 8, followed by another transfer of $4.04 million on July 13 at 12:06 pm UTC, according to Etherscan data.
This restitution comes 10 months after the victim fell for a $24.2 million phishing scam on September 6, 2023, which resulted in the loss of 9,579 Lido Staked Ether (stETH) and 4,850 Rocket Pool (rETH) tokens.
The Phishing Attack
The victim unknowingly enabled token approvals to the scammer by signing “Increase Allowance” transactions. This ERC-20 token feature allows a third party the right to spend tokens belonging to the owner, which can be exploited by malicious actors.
Crypto market data platform CoinMarketCap and other industry players have flagged this loophole, noting its potential for abuse by anonymous developers deploying malicious smart contracts to scam users.
The recent return of $9.3 million equates to a 38.4% refund at the prices on September 6, though the 14,429 staked Ether would be worth $47.5 million at today’s prices. On-chain data shows the Dai came through an address labeled as Railgun Relay — an intermediary for the privacy protocol — shortly before being transferred to the victim.
The Scammer’s Message
Scam Sniffer pointed Cointelegraph to an on-chain message from the hacker, who reached out to the victim via a different wallet address on July 6. “Hello, I am the guy who took your money,” the scammer said. “I want to give the money back.”
Etherscan data shows that the scammer’s wallet address now holds a little over $3 million in funds after the $9 million transfer. Nearly 99% of these funds comprise the METAGALAXY LAND (MEGALAND) token from the BNB Chain.
| Date | Event | Amount Transferred |
|---|---|---|
| Sept 6, 2023 | Phishing attack | $24.2 million |
| July 8, 2024 | First return transfer | $5.23 million |
| July 13, 2024 | Second return transfer | $4.04 million |
The Impact of Phishing Scams in 2023
Phishing scams have been a significant issue in the cryptocurrency space. According to Scam Sniffer’s 2023 Wallet Drainers Report, phishing scammers stole almost $300 million worth of crypto from 324,000 victims in 2023.
Inferno Drainer and MS Drainer were the two most notorious phishing scammers of the year, stealing $81 million and $59 million, respectively. In 2023, Pink Drainer emerged as one of the most prominent phishing scammers, stealing over $85 million before shutting down in May.
The unexpected return of $9.3 million by a phishing scammer to their victim highlights both the risks and the occasional unpredictability within the cryptocurrency space. As phishing scams remain a significant threat, the industry must continue to develop and implement more effective security measures to protect users and maintain trust.
Featured image credit: storyset via Freepik
Follow us for more breaking news on DMR