ccording to on-chain data, the crypto scammer who stole 1,155 Wrapped Bitcoin (WBTC), equivalent to $70.5 million, has begun returning the funds. Blockchain security firm Peckshield reported that the attacker had returned 50% of the stolen funds— approximately 11,446.87 ETH worth $34.7 million—to the victim’s address as of press time.
A Major Crypto Heist
On May 3rd, an unnamed crypto trader fell victim to an address spoofing phishing attack, resulting in the theft of 1,155 Wrapped Bitcoin (WBTC) worth approximately $70.5 million at the time. In the following days, the victim scrambled to track the stolen funds as the attacker rapidly converted the WBTC to Ethereum and dispersed it across numerous wallets, complicating recovery efforts. Traditional approaches like cooperation with authorities or blockchain tracing companies appeared fruitless against such a strategically swift money laundering operation.
A Creative Proposal
Rather than accept defeat, the creative victim issued a direct message to the hacker via the Ethereum blockchain. While acknowledging the virtual impossibility of fully laundering such a substantial hack, the message extended an intriguing offer - return 90% of the stolen funds and keep 10% as a bounty, with the assurance that this would conclude the matter. This proposal appealed to the attacker's self-interest while also pressuring them with the futility of cleaning millions of dollars worth of stolen crypto.
Negotiation Bears Fruit
On May 9th, just six days after the initial attack, the hacker responded positively to the victim's proposal, sending over 51 ETH worth more than $150,000 at the time. Further negotiations via Telegram transpired over the next day, culminating in the attacker returning over 11,400 ETH totaling approximately $34.7 million - half of the original funds stolen. Blockchain security firms analyzed the hacker's digital footprint and assessed they may have been involved in additional phishing scams on Ethereum and Tron. Nonetheless, the victim's creative incentive-based strategy succeeded in reclaiming the majority of their lost assets.
Setting an Example
This remarkable case demonstrates how thinking outside traditional approaches can potentially yield results when conventional means have failed victims of crypto hacks and scams. By appealing to an attacker's self-interest through a bounty offer versus empty threats, over $34 million was able to be negotiated back from what seemed a hopeless situation. For future victims, considering creative incentives like limited amnesties may offer a strategy worth exploring, particularly for large hacked amounts when normal channels seem blocked.
