Whale, who had been a victim of a phishing attack, was able to win back more than $70 million worth of assets stolen by hackers. The recovery, facilitated by a series of unexpected communications with the attacker, sheds light on the tactics employed by cybercriminals to steal crypto assets.
How the scam incident took place
The scam took place on May 3rd. The holder of Wrapped Bitcoin (WBTC) fell victim to a Phishing attack. The attacker, using a method called address mimicking, misled the whale into thinking about dispersing his / her funds to an address that is pretty much the same as their own.
A whale lost 1,155 $WBTC($71M) due to a phishing attack on May 3.A week later, the attacker returned all the funds.How did it happen?What should we pay attention to?1/🧵A thread tells you the whole story. pic.twitter.com/4FVwO631Qo
— Lookonchain (@lookonchain) May 12, 2024
The phishing attempt took advantage of the way that the legal and fake addresses are so similar, and thus, the whale’s momentary distraction among a lot of transactions
When identifying the theft, the whales instantly moved forward to undertake the necessary steps toward recovering the stolen assets.
Attack recovery process
Although the whale was unsuccessful in the first attempt to contact the attacker, it finally managed to communicate, and the attacker was ready to negotiate the return of the funds.
victims were not responded the 10th of May attacker sent a message privately addressing the Telegram wallet of the whale
Match Systems, a cybersecurity agency that deals with the protection of digital assets, was the second key contributor to the quick recovery of the stolen cryptocurrencies. In all this, the agency stressed promptness from the victims as a key to taking the rightful steps in recovering the full asset involved.