Victim Recovers Funds After $71 Million ‘Address Poisoning’ Attack – Here’s What Happened
A victim who fell prey to a sophisticated ‘address poisoning’ attack has successfully recovered almost all of the stolen funds, amounting to a staggering $71 million.
The incident involved the victim mistakenly sending wrapped Bitcoin tokens (WBTC) to an attacker who cleverly mimicked their wallet address.
However, thanks to the efforts of blockchain cybersecurity firm Match Systems and the exchange Cryptex, the victim’s losses have been largely mitigated.
What is Address Poisoning?
Address poisoning, also known as dusting attacks, occurs when an attacker inundates the wallet of a high net worth individual with transactions from a wallet that closely resembles the victim’s address.
If the victim carelessly copies and pastes a wallet address from one of these spam transactions, a simple mistake can result in the transfer of millions of dollars into the attacker’s hands.
Unfortunately, this is precisely what transpired in this case.
Although the recovered funds currently amount to approximately $66.8 million in U.S. dollars, the slight depreciation in value can be attributed to the attacker’s conversion of most of the stolen WBTC tokens into ether following the theft.
Match Systems’ CEO, Andrei Kutin, and Cryptex played pivotal roles in facilitating negotiations with the attacker, ultimately leading to the successful recovery of the funds, according to a press release.
“At the moment, the victim has no complaints against the attacker,” the press release reads.
Blockchain messaging data reveals that the victim initially attempted to contact the attacker, even offering a 10% bounty as an incentive, but received no response.
However, just two days ago, the attacker unexpectedly reached out to establish contact with the victim.
Detailed information regarding the recovery negotiations and the reasons behind the initial rejection of the bounty remains scarce.
