Kaspersky: New Malware Targeting Crypto Firms

By Philip Maina

4 hours agoMon May 13 2024 09:57:44


Reading Time: 2 minutes

  • A scammer has expressed interest in negotiating with a victim after sending part of the funds he had stolen
  • The scammer had stolen roughly $70 million in an address-poisoning scheme
  • The two are still locked on how much the attacker should keep as a bounty

The scammer who stole nearly $70 million through an address poisoning attack has found themselves in a tough position after unknowingly returning part of the booty. The attacker had sent $153,000 in ETH but the victim demanded that he take 10% and return the rest. The scammer responded requesting they take the conversation to Telegram, increasing the chances of the two reaching an agreement.

You’ll “Sleep Well” at Night

According to blockchain details, the malicious actor initiated the transaction five days ago on May 5 after confusing his address with that of the victim implying that he also had another address that closely resembles that of the victim.

The two later started a conversation with the victim offering the scammer 10% as a bounty saying it’ll help the attacker “sleep well” at night. According to the victim, the scammer has limited options if he tries to “clean” such a huge stash of money.

The attacker had asked the victim to send them the remaining funds in their wallet, approximately $1.6 million, as a condition for them to even consider the 10% offer, prompting the victim to respond by threatening to involve law enforcement agencies.

$100,000 to Unmask the Scammer

The discussion attracted the crypto community with some offering their help to unmask the scammer at a fee of not less than $100,000. Others, however, encouraged the attacker to keep the funds saying that the victim is unable to track him.

Scammers have continuously changed their business model with the latest being the use of bit-flip attacks to drain crypto wallets. Malicious actors are also creating phony DeFi protocols to nab unsuspecting users. Other tactics placing Google ads and spoofing popular websites like Etherscan.

Although the scammer seems reluctant to return the funds, the victim may involve law enforcement agencies due to the amounts involved.

Related Articles

Back to top button