User Loses Funds in Phishing Attack

On September 6, 2023, a user fell victim to a sophisticated phishing attack, losing 9,579 Lido Staked Ether (stETH) and 4,850 Rocket Pool (rETH) tokens. The scam involved the victim unknowingly enabling the scammer to approve tokens through 'Increase Allowance' transactions, a common feature of ERC-20 tokens that allows third-party spending rights.

Scam Sniffer initially reported the incident on July 13. The scammer used Dai stablecoin to return nearly $9.3 million of the stolen funds in two separate transactions. According to Etherscan data, the first transfer of $5.23 million was returned on July 8, followed by another $4.04 million on July 13 at 12:06 pm UTC.

At current market values, the returned $9.3 million represents approximately 38.4% of the stolen funds based on prices from the theft. Notably, the staked Ether alone would be valued at around $47.5 million at today's prices.

Scammer's Actions and Intentions

The Dai funds were traced back through an address associated with Railgun Relay, a privacy protocol intermediary, before being transferred to the victim's account.

It is worth noting that the scammer also contacted the victim via a different wallet address on July 6, admitting to the theft and expressing a desire to return the money.

Following the return, the scammer's wallet balance, as seen on Etherscan, now exceeds $3 million. Notably, nearly 99% of these funds comprise the METAGALAXY LAND (MEGALAND) token from the BNB Chain.

Phishing Scams Continue to Plague Crypto Industry

According to Scam Sniffer's 2023 Wallet Drainers Report, phishing scammers stole nearly $300 million from 324,000 victims in 2023 alone. Notorious actors such as Inferno Drainer and MS Drainer were responsible for substantial sums. Pink Drainer emerged prominently this year before its operations ceased in May after stealing over $85 million.

Meanwhile, the restitution comes as the cryptocurrency market has shown remarkable resilience in the face of adversity, achieving a record recovery rate of 77% for stolen funds in the second quarter of 2024.

In Q2 2024, $347.4 million of the stolen crypto funds were successfully recovered or frozen out of the total $512.9 million lost, according to Hacken's Web3 Security Report Q2 2024.

'For the second consecutive quarter, the silver lining amid the alarming rate of crypto theft is the amount of funds recovered,' the report wrote.

Social Media and Scam Proliferation

Cryptocurrency scams have thrived on X, with analysts attributing a significant portion of all crypto scams to scammers on the platform. Scam Sniffer, a web3 anti-scam company present on X, conducted an analysis revealing that nearly $50 million is lost each month due to account impersonation on X.com.

Just recently, Binance co-founder Yi He raised concerns about the proliferation of cryptocurrency scams on X and questioned whether Musk would take action to tackle the issue.