After six days of inactivity, the stolen cryptocurrency funds connected to a recent scam involving a $71 million wallet impersonation scheme are now on the move.
On May 3, an investor fell victim to a wallet poisoning scam, wherein $71 million worth of Wrapped Bitcoin (WBTC) was sent to a bait wallet address. The scammer cleverly created a wallet address that had similar alphanumeric characters to the victim’s legitimate address and made a small transaction to the victim’s account.
Like many investors, the victim verified the wallet address by checking the first and last few characters and subsequently transferred 97% of their total assets to it. However, the difference in the middle characters, which are often hidden on platforms for aesthetic purposes, would have been noticeable.
As is common among hackers, the scammer converted the stolen crypto into Ether (ETH) to facilitate easier siphoning through privacy protocols like Tornado Cash. Consequently, the 1,155 WBTC was promptly converted into approximately 23,000 ETH and remained dormant in the scammer’s wallet for six days.
On May 8, PeckShield, a blockchain investigation firm, detected the laundering of some of the stolen funds. The scammer began breaking down the loot into smaller portions and started sending them to multiple crypto wallets.
To decrease traceability, the scammer utilized around 400 crypto wallets to dilute the stolen funds. Eventually, the funds ended up in over 150 wallets. However, as of now, all the stolen funds can still be traced back to the unidentified scammer.
During bullish market conditions, crypto scammers and hackers tend to be most active. To learn how to securely store cryptocurrencies, read Cointelegraph’s comprehensive guide.
Related:
To keep your crypto safe from hackers during this bull market, follow these four tips.
A new type of scam allows malicious actors to drain users’ wallets without transaction approval.
This scam specifically targets tokens that adhere to the ERC-2612 token standard, which enables “gas-less” transfers or transfers without the need for the wallet to hold ETH. However, to execute approval-less transactions, the user must be deceived into signing a message. Cointelegraph’s investigation revealed that the scam was orchestrated by a Telegram group that featured a counterfeit version of the Collab.Land Telegram verification system.
Magazine:
Meme coins: Are they a betrayal of crypto’s ideals… or its true purpose?