Address poisoning attacker sends $153K ETH to victim and agrees to negotiate

As an experienced cybersecurity analyst, I’ve seen my fair share of cryptocurrency scams and attacks. Based on the information provided in this article, it appears that we’re dealing with a classic case of an address poisoning attack. The attacker managed to trick the victim into sending them $68 million worth of Wrapped Bitcoin by manipulating their perception of the receiving address.


A person accused of carrying out a poisoned address attack, in which they reportedly deceived a user into transferring $68 million worth of Wrapped Bitcoin (WBTC), has returned $153,000 worth of Ether (ETH) to the victim. This action appears as a gesture of goodwill. Simultaneously, within the same transaction, the attacker expressed their intent to discuss terms for a potential resolution and requested the victim’s Telegram username for communication purposes. The value returned represents approximately 0.225% of the total funds supposedly taken.

As a data analyst examining blockchain transactions, I came across an intriguing occurrence on May 5. The account with the ending “8fD5” sent three messages to another account, “dA6D.” Strikingly, the account “dA6D” had previously received funds from a known attacking account labeled as “FakePhishing327990” on Etherscan. These transactions went through several intermediary accounts before reaching “dA6D.” Given this information, it’s plausible that “dA6D” was controlled by the attacker at the time of these transactions.

The messages suggested that the victim was prepared to pay the attacker a tenth of the funds as a reward and forgo legal action if the attacker restored the remaining 90%.

“We both know there’s no way to clean this funds. You will be traced. We also both understand the ‘sleep well’ phrase wasn’t about your moral and ethical qualities. Nevertheless, we officially admin your right to the 10%. Send 90% back. There are 24 hours for you before 10am UTC, 6th May 2024 to make a decision that will change your life, in any case.”

On May 9, at 11:37 am UTC, an account with the ending 72F1 responded by transferring 51 Ether (ETH), equivalent to approximately $153,000 based on current market prices, to the victim. It was later discovered that this account had also received funds from FakePhishing327990 via multiple intermediary accounts, implying that it too was controlled by the attacker.

In the transaction that transferred the 51 ETH, the attacker included a message asking “Please leave your Telegram and I will get in touch with you.” At 11:43 am, they tried to improve their grammar by adding another message: “Please leave your Telegram and I will contact you.”

In response, the victim posted a Telegram username where they can be contacted.


The negotiation ensued after the suspect reportedly deceived the victim into erroneously transferring 1,155 Wrapped Bitcoin (WBTC), equivalent to around $68 million at that moment, into their account by means of a malicious transaction known as “address poisoning.”

As a researcher investigating the blockchain transaction record, I came across an intriguing observation at 09:17 am on May 3. An attacker managed to use a smart contract to transfer 0.05 units of an unnamed ERC-20 token from a victim’s account to their own. This token didn’t have a designated name on Etherscan, merely referred to as “ERC-20.”

Around 10:31 am on that very day, the victim inadvertently transferred 1,155 WBTC to this particular address. The recipient address might have looked deceptively similar to one the victim had previously used to deposit funds into a centralized exchange or for another purpose.

The victim might have believed that address to be secure since they had previously transferred 0.05 tokens to it. Nevertheless, those 0.05 tokens were actually sent by the attacker, giving a false sense of security.

When a cybercriminal sends fraudulent transactions to victims with deceitful sender addresses, aiming to create confusion, security professionals refer to this malicious activity as an “address spoofing attack.” To prevent unfortunate mistakes caused by such attacks, experts advise users to meticulously examine the transaction’s sender address before approving it.
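The check recommended above can be automated before a transfer is signed. The following is an added example, not code from the article or from any wallet: it assumes a lookalike is a different address that shares the leading and trailing four hex characters of a trusted one (the article itself identifies accounts only by four trailing characters), and every address and history row in it is constructed.

```python
import re

ADDR_RE = re.compile(r"0x[0-9a-f]{40}")

def norm(addr):
    """Lower-case and validate a 20-byte hex address."""
    a = addr.strip().lower()
    if not ADDR_RE.fullmatch(a):
        raise ValueError(f"not a 20-byte hex address: {addr!r}")
    return a

def lookalike_of(candidate, trusted, head=4, tail=4):
    """Return the trusted address that `candidate` imitates, else None.

    Imitation here means: a different address whose first `head` and last
    `tail` hex characters equal those of a trusted one (assumed heuristic).
    """
    c = norm(candidate)
    for t in map(norm, trusted):
        if c != t and c[2:2 + head] == t[2:2 + head] and c[-tail:] == t[-tail:]:
            return t
    return None

def check_recipient(candidate, trusted):
    """Classify a destination before signing: trusted / lookalike / unknown."""
    c = norm(candidate)
    if c in {norm(t) for t in trusted}:
        return "trusted"
    return "lookalike" if lookalike_of(c, trusted) else "unknown"

def poisoned_entries(history, trusted):
    """History rows whose recipient imitates a trusted address."""
    return [tx for tx in history if lookalike_of(tx["to"], trusted)]

# Constructed sample data, not taken from the incident.
DEPOSIT = "0xd9a1" + "11" * 16 + "7e53"      # address the user really deposits to
FAKE = "0xd9a1" + "ee" * 16 + "7e53"         # same 4 leading / 4 trailing chars
OTHER = "0x" + "42" * 20
TRUSTED = [DEPOSIT]
HISTORY = [
    {"to": DEPOSIT, "token": "WBTC", "amount": 1.0},
    {"to": FAKE, "token": "", "amount": 0.05},   # unnamed-token dust row
    {"to": OTHER, "token": "ETH", "amount": 0.3},
]

if __name__ == "__main__":
    for addr in (DEPOSIT, FAKE, OTHER):
        print(addr, check_recipient(addr, TRUSTED))
    print("poisoned rows:", poisoned_entries(HISTORY, TRUSTED))
```

A "lookalike" result means the destination should be compared character by character against the address book entry rather than copied from transaction history.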


2024-05-09 21:23