Victim of $71 million WBTC dust attack recovers stolen loot

The crypto whale that lost $71 million in wrapped bitcoins (WBTC) through a dust attack has recovered the stolen funds after negotiations with the hacker.

According to a tweet from blockchain security firm PeckShield, the scammer began returning the funds on May 9 and completed the process on May 11.

Steal $71 million from WBTC

The whale’s problems began on May 3 after it mistakenly sent 1,155 WBTC to an incorrect address placed in its transaction history through address poisoning.

An address poisoning or dusting attack is a scam in which a malicious actor sends a transaction of zero or negligible value to a victim’s wallet to cause the address to appear in their transaction history. These malicious addresses often have similar starting and ending characters to the victim’s real wallets, making them undetectable on the surface.

As reported by CryptoPotato, the real and malicious addresses had characters starting with 0xd9A1 and ending with 853a91 in this situation. Therefore, the victim was tricked when he wanted to transfer his WBTC to a different wallet.

The scammer didn’t move the stolen goods until five days later, when they began breaking down the stash into smaller portions. They used more than 400 wallets to distribute the funds to about 150 addresses. Notably, they had exchanged the loot for approximately 23,000 Ether (ETH) on May 3rd.

The Recovery

Details of the negotiations between the scammer and the victim are not available, as the discussion appears to have taken place on Telegram.

The victim first contacted the scammer on May 5, offering 10% in exchange for the stolen funds. In collaboration with blockchain cybersecurity firm Match Systems and crypto exchange Cryptex, the victim threatened to trace the funds if the attacker did not respond on May 6.

After a few days of silence, the scammer sent some ETH to the victim along with a message asking for their Telegram handle for proper discussions. After the talks, the attacker returned the loot in batches. It is still unknown why the malicious actor returned the assets in full, discarding the 10% reward offer.

Meanwhile, the value of returned assets is around $66.8 million because Ether has declined more than BTC in the past week. Data from CoinMarketCap shows that ETH fell by more than 6.4%, while BTC fell by about 2.8% in the same time period.

SPECIAL OFFER (Sponsored) Binance Free $600 (Exclusive to CryptoPotato): Use this link to register a new account and receive an exclusive welcome offer of $600 to Binance (full details).

2024 LIMITED OFFER for CryptoPotato Readers on Bybit – Use this link to register and open a $500 BTC-USDT position on Bybit Exchange for free!