How a USDT holder lost and recovered $129m within hours

A crypto investor lost a significant amount of USDT tokens to a phishing address but eventually witnessed the funds being returned hours later.

Data obtained from Tronscan shows that the user with the wallet address “TGr…XAE” accidentally transferred $129 million USDT to a phishing address on the TRON blockchain.

The phishing address “THc…bu8” mimicked the appearance of the intended recipient, “TMS…bu8”, using similar start and end characters.

The victim had tested the transaction with 100 USDT before sending the large sum, but failed to notice the discrepancy in addresses when transferring $129 million.

Specifically, the erroneous transmission occurred at 09:05 UTC. A few minutes later, the phishing address moved the stolen funds to a new wallet, “TKt…f6m”. At this point the stolen funds seemed to be lost forever.

However, in an unexpected move, the owner of “TKt…f6m” returned 90% of the stolen funds (116.7 million USDT) to the victim’s address at 09:58 UTC. Approximately five hours later, the remaining balance of 12.96 million USDT was sent back to the victim.

Immediately after investors acquired the assets, the victim transferred the funds to their original intended destination, “TMS…bu8,” and the tokens have remained there ever since.

The reasons behind this unusual action of compensation remain unclear. Speculation ranges from the phishing gang’s rare show of charity to other factors influencing their decisions.

This case is an anomaly in the growing trend of crypto-related phishing scams. Last month, an address affiliated with a leading crypto venture capital firm lost $36 million in a similar attack.

In August, a whale lost $55 million in a phishing scam involving the DAI stablecoin. Phishing scams cost investors $63 million in August and $43 million in September, Crypto.news reports.