close
close
hsuses

Victim Recovers Funds After $71 Million Address Poisoning Attack – Here’s What Happened

Theo

Ruholamine Haqshanas

Last update:

May 12, 2024, 4:00 a.m. EDT
| 2 minutes read

A victim who fell victim to a sophisticated address poisoning attack has successfully recovered almost all of the stolen funds, totaling $100,000 an incredible $71 million.

In the incident, the victim sent mistakenly wrapped Bitcoin tokens (WBTC) to an attacker who cleverly imitated his wallet address.

However, thanks to the efforts of blockchain cybersecurity firm Match Systems and exchange Cryptex, the victim’s losses were largely mitigated.

What is address poisoning?


In address poisoning, also known as dusting attacks, an attacker floods the wallet of a wealthy individual with transactions from a wallet that is very similar to the victim’s address.

If the victim accidentally copies and pastes a wallet address from one of these spam transactions, a simple mistake can result in millions of dollars ending up in the attacker’s hands.

Unfortunately, that’s exactly what happened in this case.

Although the recovered funds currently stand at approximately $66.8 million, the slight drop in value can be attributed to the attacker converting most of the stolen WBTC tokens into Ether after the theft.

Andrei Kutin, CEO of Match Systems, and Cryptex played a crucial role in facilitating negotiations with the attacker that ultimately led to the successful recovery of the funds, according to a press release.

“At the moment the victim has no complaints against the attacker” The says the press release.

Blockchain messaging data shows that the victim initially tried to contact the attacker and even offered a 10% bounty as an incentive, but received no response.

But just two days ago, the attacker unexpectedly reached out to make contact with the victim.

Detailed information about the reclaim negotiations and the reasons for the initial rejection of the bounty remain scarce.

While multi-million dollar crypto exploits remain commonplace, there are signs that illegal activity may be on the decline.

Security firm CertiK recently reported that April saw the lowest amount of funds lost to fraud since March 2021.

The attackers may have become more cautious, especially given the Conviction of Avraham Eisenberg on fraud allegations related to the Mango Markets exploit.

Eisenberg returned some of the looted funds, but still faced legal consequences.

April records the lowest crypto hack losses


The cryptocurrency industry experienced a major breakthrough downturn in combined Losses due to hacks and scams In April.

This month saw the lowest combined losses from crypto-related hacks and scams since 2021: approximately $25.7 million was lost to exploits, hacks and scams.

Specifically, only $25.7 million was lost to attacks during the month, marking the lowest amount since CertiK began tracking such data in 2021.

Flash loan attacks caused $129,000 in losses, with the largest incident causing $55,000 in damage.

This was the lowest incidence of Flash loan attacks since February 2022 and $4.3 million was lost to exit fraud.

As reported, the first quarter of this year took place It lost $336 million by Web3 hackers and fraud, with almost half of the capital stolen in January alone.

Still, the number represents a 23% decline compared to the first quarter of 2023.

It is also worth noting that $73,885,000 was recovered from stolen Web3 capital in seven specific situations.

Related Posts