Scammer returns $9.3M DAI to victim 10 months after phishing them

In a strange turn of events, a phishing scammer has returned a large portion of funds it stole from a victim last September.

A phishing scammer has suddenly returned nearly $9.3 million to a victim after stealing $24 million from them in a phishing attack last September.

First noticed by Scam Sniffer on July 13, the scammer used Dai stablecoin to return the funds across two transactions last week.

The first transfer saw $5.23 million returned on July 8, while another $4.04 million was sent on July 13 at 12:06 pm UTC, Etherscan data shows.

e69d089b 3e3c 489a b652 9ba10e828d01 e69d089b 3e3c 489a b652 9ba10e828d01

Transfers from the scammer to the victim’s wallet address. Source: Etherscan

It comes 10 months after the victim fell for a $24.2 million phishing scam on Sept. 6, 2023, losing 9,579 Lido Staked Ether (stETH) and 4,850 Rocket Pool (rETH) tokens.

The victim enabled token approvals to the scammer by signing “Increase Allowance” transactions, according to Scam Sniffer’s post at the time of the incident.

Allowance is an ERC-20 token feature that enables a third party to have the right to spend tokens belonging to that owner.

Crypto market data platform CoinMarketCap and other industry players have flagged the loophole, noting that it can potentially allow anonymous developers to deploy malicious smart contracts to scam users.

No known explanation for the transfers
The recent $9.3 million return equates to a 38.4% fund return at Sept. 6 prices, though the 14,429 in staked-Ether would have been worth $47.5 million at today’s prices.

Onchain data shows the Dai ficame through an address labeled as Railgun Relay — an intermediary for the privacy protocol — shortly before being transferred to the victim.

However, there has yet to be any explanation for the sudden transfers. The scammer didn’t write an onchain message to the victim in either of the multimillion-dollar transfers.

 

3b259505 cfd4 42b2 a57f 92d83da5e236 3b259505 cfd4 42b2 a57f 92d83da5e236

Source: Scam Sniffer

Etherscan data shows that the scammer’s wallet address now has a little over $3 million in funds after the $9 million transfer.

Nearly 99% of those funds comprise the METAGALAXY LAND (MEGALAND) token from the BNB Chain.

Phishing scammers stole almost $300 million worth of crypto from 324,000 victims in 2023, according to Scam Sniffer’s 2023 Wallet Drainers Report.

In 2023, Inferno Drainer and MS Drainer were the two most notorious phishing scammers, stealing $81 million and $59 million, respectively.

Pink Drainer became one of the most prominent phishing scammers this year, stealing over $85 million before it shut down in May.

Leave a Reply

Your email address will not be published. Required fields are marked *

Chatbot AI D2
XX