Fraudster Returns $9.3M DAI To Victim 10 Months After Phishing Them

Fraudster Returns $9.3M DAI To Victim 10 Months After Phishing Them


After a phishing scam stole $24 million from them in a phishing attack last September, nearly $9.3 million was suddenly recovered.

First spotted by Scam Sniffer on July 13, the scammer used the Dai (DAI) stablecoin to withdraw funds in two transactions last week.

The first transfer of $5.23 million was returned on July 8, while another $4.04 million was sent on July 13 at 12:06 pm UTC, Etherscan data shows.

It transfers the wallet address from the scammer to the victim. Source: Etherscan

On September 6, 2023, 10 months after the victim fell for a $24.2 million phishing scam, he lost 9,579 Lido Staked Ether (stETH) and 4,850 Rocket Pool (rETH) tokens.

Binance

By signing “Add Allowance” transactions, the victim gives the scammer approval of the token, according to a Scam Sniffer post.

An allowance is an ERC-20 token feature that allows a third party to have the right to issue tokens that belong to the owner.

Crypto market data platform CoinMarketCap and other industry players have flagged the loophole, suggesting it could allow anonymous developers to deploy malicious contracts to defraud users.

There is no known explanation for the transfers.

The latest return of $9.3 million at September 6 prices equates to a 38.4% fund return, although the 14,429 in staked-Ether was worth $47.5 million at today's prices.

Onchain data shows the die fichem's Railgun relay – a privacy protocol intermediary – at a designated address shortly before it is transmitted to the victim.

However, no explanation has yet been given for the sudden transfers. The scammer never sent the victim an on-chain message in any of the multi-million dollar transfers.

3b259505 cfd4 42b2 a57f 92d83da5e236
Source: Fraud Sniffer

According to Etherscan data, the fraudster's wallet address now has more than $3 million in funds after the $9 million transfer.

Almost 99% of those funds include the METAGALAXY LAND (MEGALAND) token from the BNB Chain.

Related: New Crypto Scam Drains Users' Wallets Without Transaction Approval

Phishing scammers According to Scam Sniffer's 2023 Wallet Drainers report, nearly $300 million worth of crypto was stolen from 324,000 victims in 2023.

In the year In 2023, Inferno Drenner and MS Drenner were the two most famous phishing scams, stealing $81 million and $59 million respectively.

Pink Drainer became one of the biggest phishing scams this year, stealing more than $85 million before it was shut down in May.

Magazine: Ethereum ERC-20 Design Flaws Are a Crypto Scammer's Best Friend

Leave a Reply

Pin It on Pinterest