A woman who was the victim of a $24 million phishing attack has gotten some of the stolen money back after the attacker voluntarily returned it to her.
According to Web3 anti-fraud solution Scam Sniffer, the attacker returned $9.3 million to the victim after stealing over 9,579 Lido Staked Ether (stETH) and 4,850 Rocket Pool (rETH) tokens in late 2023.
The victim fell for the attack by approving “Allowance Increase” transactions requested during the phishing process.
This tactic has been marked as one of the most common strategies used in phishing scams. Once approved, the requesting party has the right to transfer the assets within the wallet.
This issue, which is specific to ERC-20 tokens, has been criticized by market players who claim that it could allow fraudulent developers to deploy malicious smart contracts to trick unsuspecting users.
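A pre-signing check for this kind of request can be sketched as follows. This is an added example, not code from the article or from Scam Sniffer. It assumes the “Allowance Increase” request corresponds to the widely used `approve` and `increaseAllowance` ERC-20 calls. The spender allowlist, the "unlimited" threshold and the sample calldata are constructed for illustration.

```python
# Flag ERC-20 allowance grants in raw transaction calldata before signing.
# 4-byte selectors of the standard approve() and the common increaseAllowance() extension.
ALLOWANCE_SELECTORS = {
    bytes.fromhex("095ea7b3"): "approve(address,uint256)",
    bytes.fromhex("39509351"): "increaseAllowance(address,uint256)",
}
# Assumption: amounts at or above this are treated as effectively unlimited.
UNLIMITED_THRESHOLD = 2**255


def inspect_calldata(calldata_hex, known_spenders=frozenset()):
    """Return None for non-allowance calls, else a dict describing the grant."""
    raw = bytes.fromhex(calldata_hex.removeprefix("0x"))
    name = ALLOWANCE_SELECTORS.get(raw[:4])
    if name is None:
        return None
    if len(raw) < 4 + 64:
        raise ValueError("truncated allowance call")
    spender_word, amount_word = raw[4:36], raw[36:68]
    # An address is right-aligned in its 32-byte word; the top 12 bytes must be zero.
    if any(spender_word[:12]):
        raise ValueError("malformed address argument")
    spender = "0x" + spender_word[12:].hex()
    amount = int.from_bytes(amount_word, "big")

    warnings = []
    if spender not in {s.lower() for s in known_spenders}:
        warnings.append("spender is not on the allowlist")
    if amount >= UNLIMITED_THRESHOLD:
        warnings.append("amount is effectively unlimited")
    return {"function": name, "spender": spender,
            "amount": amount, "warnings": warnings}


# Constructed sample: increaseAllowance(0x1111...1111, 2**256 - 1)
SAMPLE = "0x39509351" + "00" * 12 + "11" * 20 + "ff" * 32

if __name__ == "__main__":
    report = inspect_calldata(SAMPLE)
    print(report["function"], "->", report["spender"])
    for w in report["warnings"]:
        print("WARNING:", w)
```
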
Ten months after the theft, on July 6, the attacker sent an on-chain message to the victim. The message, recorded on the blockchain, stated:
“Hello, I’m the guy who takes your money [...] I want to give the money back.”
Later, on July 8, the attacker returned $5.23 million worth of stablecoin DAI. Another $4.04 million was sent on July 13, bringing the total to $9.3 million, Etherscan data confirmed.
The attacker obscured the funds using a privacy protocol called Railgun before transferring them to the victim. The returned funds account for 38.84% of the total money stolen in the attack.
At the time of publication, the scammer had over $3 million worth of various crypto assets in the sender’s wallet.
While quite rare, there have been some cases where attackers have returned stolen funds. Last year, the Euler protocol, which lost $197 million in virtual assets, saw the attacker return almost 90% of the stolen funds.
More recently, in February 2024, the hacker behind the $6.4 million Seneca Protocol hack returned $5.3 million to the project as part of a negotiation in which the attacker was promised a 20% reward and immunity from legal reprisals if 80% of the funds were returned.
But phishing scams continue to impact the crypto industry, with Scam Sniffer reporting more than $290 million in lost funds in 2023 alone.