Scammer Returns $9.3M 10 Months After $24M Scam

A phishing scam victim has received $9.3 million from the scammer who attacked their account 10 months ago, stealing $24 million.

In an unexpected twist, a phishing scam victim has recovered $9.3 million, ten months after falling victim to a $24 million crypto robbery in September of last year. Scam Sniffer initially reported the dramatic reversal on July 13, revealing that the scammer utilized Dai stablecoin to return the funds in two batches.

A Change of Heart

The fraudster contacted the victim via an on-chain message on July 6, indicating that he had a change of heart and intended to return the stolen funds.

“Hello, I am the guy who took your money. I want to give the money back.”

Two days later, the criminal initiated the reimbursement process by transferring $5.23 million of the Dai stablecoin on July 8, as evidenced by Etherscan.

The fraudster conducted an additional transfer to the victim’s wallet address on July 13. According to Scam Sniffer, the lousy actor returned approximately $4.04 million to the same address as the first time at 12:06 PM UTC, bringing the total to $9.3 million.

Additionally, the on-chain data indicated that the Dai that was returned was from an address associated with Railgun Relay, a privacy protocol intermediary.

The victim, struggling with a substantial financial loss, was relieved to receive nearly 40% of their misappropriated funds back. Based on September 2023 prices, the $9.3 million represented approximately 38.4% of the misappropriated assets’ value at the time of the return.

Nevertheless, the 14,429 staked Ether tokens would be worth approximately $47.5 million if valued at the current market prices.

Funds that remain

Despite the return of funds, the scammer’s wallet contains many other cryptocurrencies, as Etherscan data indicates. The crypto wallet predominantly comprises METAGALAXY LAND (MEGALAND) tokens from the BNB Chain, with a total value exceeding $3 million, as blockchain data indicates.

The victim lost 9,579 Lido Staked Ether (stETH) and 4,850 Rocket Pool (rETH) tokens in the initial theft on September 6, 2023.

The thief deceived the victim into authorizing token allowances through “Increase Allowance” transactions, which allow third-party spending rights on ERC-20 tokens. This exploit enabled the fraudster to seize the victim’s assets.

An Unusual Bright Spot

The most recent advancement in the cryptocurrency market is an uncommon respite from the bleak landscape of phishing attacks and other malicious activities in the emerging economy.

The loss of nearly $300 million from 324,000 victims was solely attributable to phishing schemes in 2023. Inferno Drainer and MS Drainer were the two most prevalent schemes, as per the 2023 Wallet Drainers Report by Scam Sniffer. The two methods employed by cybercriminals to siphon a total of $140 million last year were as follows.

In 2023, the Inferno Drainer attacks resulted in a theft of $81 million, while the MS Drainer caused a loss of $59 million. Pink Drainer was another noteworthy phishing attack that stole more than $85 million before its closure in May.