After six days of silence, stolen crypto funds related to a recent $71 million wallet impersonation scam have started to move. The scam occurred on May 3 when an investor fell victim to a wallet poisoning scam and sent $71 million worth of Wrapped Bitcoin (WBTC) to a bait wallet address. The scammer had created a wallet address with similar alphanumeric characters and made a small transaction to the victim’s account.
Like many investors, the victim validated the wallet address by checking the first and last few characters, but did not notice the difference in the middle characters, which are often hidden on platforms for visual appeal. The hacker then converted the stolen WBTC to approximately 23,000 ETH, a common practice among hackers to make it easier to siphon funds using privacy protocols like Tornado Cash. The converted funds remained dormant in the scammer’s wallet for six days.
However, on May 8, blockchain investigation firm PeckShield observed that some of the stolen funds were being laundered. The scammer divided the loot into multiple parts and started sending it to various crypto wallets. To reduce traceability, the scammer used around 400 crypto wallets, eventually distributing the funds across more than 150 wallets. At present, all the stolen funds can still be traced back to the unknown scammer.
Crypto scammers and hackers tend to be most active during bull markets. To protect your cryptocurrencies, it is important to store them securely. Additionally, a new type of scam has emerged that allows bad actors to drain users’ wallets without transaction approval, targeting tokens that comply with the ERC-2612 token standard. This standard permits “gas-less” transfers or transfers by a wallet that does not hold ETH. However, the user must be tricked into signing a message to enable approval-less transactions. The scam was orchestrated by a Telegram group featuring a fake version of the Collab.Land Telegram verification system.