A phishing scammer has suddenly returned nearly $9.3 million to a victim after stealing $24 million from them in a phishing attack last September.
First noticed by Scam Sniffer on July 13, the scammer used Dai (DAI) stablecoin to return the funds across two transactions last week.
The first transfer saw $5.23 million returned on July 8, while another $4.04 million was sent on July 13 at 12:06 pm UTC, Etherscan data shows.
It comes 10 months after the victim fell for a $24.2 million phishing scam on Sept. 6, 2023, losing 9,579 Lido Staked Ether (stETH) and 4,850 Rocket Pool (rETH) tokens.
The victim enabled token approvals to the scammer by signing “Increase Allowance” transactions, according to Scam Sniffer’s post at the time of the incident.
Allowance is an ERC-20 token feature that enables a third party to have the right to spend tokens belonging to that owner.
Crypto market data platform CoinMarketCap and other industry players have flagged the loophole, noting that it can potentially allow anonymous developers to deploy malicious smart contracts to scam users.
No known explanation for the transfers
The recent $9.3 million return equates to a 38.4% fund return at Sept. 6 prices, though the 14,429 in staked-Ether would have been worth $47.5 million at today’s prices.
Onchain data shows the Dai ficame through an address labeled as Railgun Relay — an intermediary for the privacy protocol — shortly before being transferred to the victim.
However, there has yet to be any explanation for the sudden transfers. The scammer didn’t write an onchain message to the victim in either of the multimillion-dollar transfers.
Etherscan data shows that the scammer’s wallet address now has a little over $3 million in funds after the $9 million transfer.
Nearly 99% of those funds comprise the METAGALAXY LAND (MEGALAND) token from the BNB Chain.
Related: New crypto scam drains users' wallets without transaction approval
Phishing scammers stole almost $300 million worth of crypto from 324,000 victims in 2023, according to Scam Sniffer’s 2023 Wallet Drainers Report.
In 2023, Inferno Drainer and MS Drainer were the two most notorious phishing scammers, stealing $81 million and $59 million, respectively.
Pink Drainer became one of the most prominent phishing scammers this year, stealing over $85 million before it shut down in May.
Magazine: Ethereum’s ERC-20 design flaws are a crypto scammer’s best friend
