Victim of $71 million ‘address poisoning’ attack recovers funds after negotiations
Somewhere in the world, whales thank their lucky stars and not Lazarus. The victim of last week’s ‘address poisoning’ attack appears to have been tricked into sending $71 million worth of Wrapped Bitcoin Tokens (WBTC) to an attacker who mimicked her address, recovering almost all of her available funds, Blockchain Data said. shows:
In an ‘address poisoning’ or ‘dusting’ attack, an attacker spams a high-net-worth person’s wallet with transactions from a wallet that is very similar to the victim’s address. If a victim carelessly copies and pastes a wallet address from a spam transaction, as happened here, they could see millions of dollars sent directly into the hands of attackers due to a botched transaction.
The US dollar value of the recovered funds is only about $66.8 million, but since the attackers exchanged most of the stolen WBTC tokens for Ether following the theft, the loss in value may be due to a slightly larger drop in the price of Ether over the past week. Compared to Bitcoin.
In a press release, Andrei Kutin, CEO of blockchain cybersecurity company Match Systems, claimed that he participated in negotiations with the attackers along with Exchange Cryptex and took credit for leading to a full recovery. “At this time, the victim has not filed any complaints against the perpetrator,” the press release states.
Blockchain messaging data shows that the victim’s initial attempts to contact the attacker (despite offering a 10% bounty) went unanswered, but the attacker did reach out to the victim two days ago. There are few specific details about the recovery negotiations and why the attackers initially refused the 10% bounty to return all remaining funds. Match Systems did not immediately respond to a request for comment.
Unfortunately, while multi-million dollar exploits of various kinds are common in cryptocurrencies, illegal activity could be on the decline. Security firm CertiK recently revealed that April saw the lowest amount of funds lost to fraud since March 2021. There is a tendency to accept the bounty, despite the return of some of the looted funds following the conviction of Avraham Eisenberg on fraud charges related to the Mango Markets exploits.
Disclaimer: The Block is an independent media outlet delivering news, research and data. As of November 2023, Foresight Ventures is a majority investor in The Block. Foresight Ventures invests in other companies in the cryptocurrency space. Cryptocurrency exchange Bitget is an anchor LP of Foresight Ventures. The Block continues to operate independently to provide objective, impactful and timely information about the cryptocurrency industry. Below are our current financial disclosures.
© 2023 The Block. All rights reserved. This article is provided for informational purposes only. It is not provided or intended to be used as legal, tax, investment, financial or other advice.
