 | A victim today lost over 68 MILLION in wBTC simply by copying and pasting the wrong address. PSA - ALWAYS CHECK YOUR WALLET ADDRESS AND NEVER SEND LARGE FUNDS WITHOUT VERIFYING! I think the scammer is going to have a REAL hard time trying to launder 68 MILLION with so many eyeballs on this case. So far I can see all the funds accounted for. No money laundering attempts yet. Here are the main wallets to follow:
Below are where all the stolen funds are currently located:
About the ScammerI looked about at some clues on who the scammer might be and I came across this wallet - 0xd50Ddd086EEf8E48c597c5A9225F616A2b3250F2. This scammer appears to be well funded and it seems this was a very targeted attack. 0xd50Ddd086EEf8E48c597c5A9225F616A2b3250F2 has numerous deposits into ChangeNOW. Below are a few. I'm showing about 300K deposited in total.
0x2bb7848Cf4193a264EA134c66bEC99A157985Fb8 also appears to be connected to the scammer. I noticed some smaller deposits into the following:
Lastly, I also followed the money trail to this wallet - 0xA5335dB79413e9D2CD5B1E01A42F67ff3e55e49A which is an older wallet created in 2017 with about 3M sitting in it. I did notice a Binance deposit address associated with this wallet doing large txns.
This needs further investigation before 100% confirming it belongs to the scammer. I don't want to jump ahead and confirm this is a scammer wallet but it's very suspicious. How did this Scam Happen - Address PoisoningAddress poisoning is a tactic where a scammer will try and mirror the victim's intended wallet. Since many wallets show the first 5 and last 5 of a wallet address, the scammer creates a wallet with the exact first and last digits of the address. Typically the attacker spams victims with numerous transactions hoping the victim will copy and paste the wrong address. Below is exactly how this scam worked
In between these two outgoing txns, the scammer sent .64 in ETH to 0xd9A1C3788D81257612E2581A6ea0aDa244853a91. The txn was too small for my tools to pick up but Etherscan did. Here is the Etherscan transaction in between the two transactions above - 0x87c6e5d56fea35315ba283de8b6422ad390b6b9d8d399d9b93a9051a3e11bf73 The scam transaction happened 4 minutes after the victim sent .05 ETH to its intended address. In this instance, the victim mistakenly copied and pasted the fake address of 0xd9A1C3788D81257612E2581A6ea0aDa244853a91 and sent 68.5M to the scammer. I'd say this looks like a targeted attack. Scammers are watching movements from whales and will try and squeeze in these small txns to make it look like the victim has the correct wallet address. As you can see, the potential for scoring a big payday requires very little investment. In this case less than one dollar. How to Prevent Address PoisoningIf you're in this forum I'm expecting one day we'll all be crypto whales. It may be wishful thinking for some, but there are a few steps you can take to avoid scammers from tricking you.
Stay safe out there and I do hope the victim gets his funds back. UPDATE 1 A victim has been found. All funds are still sitting in decentralized wallets. If I were the hacker I'd take the offer of 10% and walk away with 7 MILLION! Here's the proof - https://twitter.com/somaxbt/status/1786699612302004580 [link] [comments] |
You can get bonuses upto $100 FREE BONUS when you:
π° Install these recommended apps:
π² SocialGood - 100% Crypto Back on Everyday Shopping
π² xPortal - The DeFi For The Next Billion
π² CryptoTab Browser - Lightweight, fast, and ready to mine!
π° Register on these recommended exchanges:
π‘ Binanceπ‘ Bitfinexπ‘ Bitmartπ‘ Bittrexπ‘ Bitget
π‘ CoinExπ‘ Crypto.comπ‘ Gate.ioπ‘ Huobiπ‘ Kucoin.
Comments