- A Bitcoin hacker whose recent escapade shook the industry is active.
- The hacker has sent ETH worth millions to the victim.
- The victim has yet to recover all of the stolen funds.
The scammer believed to be behind a recent “address poisoning” attack that led to the theft of over $71 million worth of wrapped Bitcoin (WBTC) is active again, this time making massive ETH transfers to the victim.
WBTC is an ERC-20 token pegged 1:1 with Bitcoin, allowing it to be utilized in the Ethereum ecosystem. After stealing 1,155 WBTC from the victim, the attacker sold the entire loot for 22,960 ETH, which they sent to multiple addresses, possibly for obfuscation and laundering.
Attacker Refunds the Victim
On March 10, multiple blockchain security firms reported that the victim of the address poisoning attack had started receiving ETH back from the exploiter, almost a week after the unfortunate event.
Sponsored
The attacker initially reached out to the victim via an on-chain message and asked for a Telegram address. While the message didn’t clarify what the attacker wanted to discuss with the victim, it was accompanied by a 51 ETH ($152,000) transfer.
“Yesterday: Scammer demands Telegram address from victim. Today: Funds are returning to victim. 🔄 Looks like there might have been an agreement at the end 🤝.” Cyvers wrote on X (Twitter).
According to PeckShield, the attacker has so far transferred a total of 11,446.87 ETH ($34.7 million) to the victim’s address, approximately 50% of the stolen funds.
In the meantime, the hacker’s identity and location remain unknown. While SlowMist’s threat intelligence network identified several IPs suspected to be used by the hacker originating from Hong Kong, the blockchain security firm did not rule out the use of a VPN.
Sponsored
Read about a massive crypto scam busted in Europe:
Eurojust Leads €6M Cryptocurrency Scam Bust in Austria
Stay updated on the arrest ZKasino scam suspect:
ZKasino $32M Scam Suspect Arrested: Here’s What We Know
