The Ethereum user who accidentally sent $71 million worth of Wrapped Bitcoin to the wrong address last week—after being hit with an apparent “address poisoning” scam—may be about to get their money back. Or at least some of it.

On May 3, address 0x1E227 sent 1,155 Wrapped Bitcoin (WBTC)—about $71 million worth—to a scammer’s crypto address, after being fooled into thinking the recipient's address was one of their own. The victim has been corresponding with the thief over the blockchain ever since, and was partially refunded with 52 ETH ($156,000) early Thursday.

“Please leave your Telegram and I will contact you,” wrote the thief within the blockchain transaction on Thursday.

The attacker initially stole the funds through a popular technique called “address poisoning” or “wallet contamination.” This involves a scammer sending a zero-value transaction to a target’s wallet from a crypto address purposefully picked to look like one that the victim regularly corresponds with.

AD

In this case, both the victim’s real target address and the scammer’s address began with characters 0xd9A1, and ended with 853a91, making them difficult to tell apart at first glance within most wallet apps.

The scammer’s goal is to bait the victim into copying the fake address from their transaction history the next time they intend to send themselves money, and to intercept that transfer for themselves.

After losing the funds last Friday, the victim initially messaged the thief to admit that they “won”, and asked that they return 90% of the money, keeping 10% as a clean reward.

“We both know that $7 million will definitely make your life better, but $70 million won't let you sleep well,” the victim wrote.

AD

The scammer responded by demanding the victim send the $1.6 million in DAI stablecoin remaining at the wallet address, or else they wouldn’t consider the offer. “If you don't, you won't hear from me again & I won't respond,” the scammer wrote.

The victim followed up with threats to track down the hacker based on their transaction history if they didn’t take the initial 90/10 offer.

“We both know there's no way to clean [these] funds. You will be traced,” the victim wrote. “We also both understand the ‘sleep well’ phrase wasn't about your moral and ethical qualities.”

Onlookers joined in on the conversation, with one offering services to provide data about the hacker, such as IP addresses, in return for $100,000. Others came to the scammer’s defense, congratulating the theft and assuring them that the victim’s threat was a bluff—and calling the victim a “dumb, greedy whale.”

Edited by Andrew Hayward

Daily Debrief Newsletter

Start every day with the top news stories right now, plus original features, a podcast, videos and more.