Crypto Turnaround: Hacker Returns $65 Million in Stolen Ethereum After Negotiations

A hacker who initially stole 1,155 Wrapped Bitcoin (wBTC), valued at $68 million, from a user via an address poisoning attack, has returned nearly all of the stolen funds, according to recent blockchain analysis. The stolen wBTC had been exchanged for Ether (ETH) during the period it was held by the attacker, and interestingly, the value of ETH had decreased during this time.

The attacker returned approximately 22,960.07 ETH, totaling around $65.7 million, which constitutes over 96% of the original US dollar value of the stolen funds. The restitution began at 8:47 am UTC on May 10, with multiple wallets initiating transfers of ETH back to the victim’s account. The initial transaction was for 29.999 ETH, valued at $87,199 at the time. Over the next day, more than 225 wallet transactions occurred, with individual transfers ranging from 29 to 67 ETH, culminating in the victim’s wallet amassing over 29,000 ETH.

This flurry of transactions followed after communications between the victim and the attacker, during which the victim initially agreed to let the attacker keep 10% of the funds as a bounty. However, it appears that agreement was dissolved as the attacker returned more than 90% of the funds.

A report from the blockchain security platform Match Systems, which Cointelegraph reviewed but could not verify independently, indicated that enhanced negotiation tactics bolstered by security advancements led to the recovery. Match Systems had analyzed the incident thoroughly, identifying key strategies that improved the victim’s bargaining position, ultimately prompting the attacker to return the entire stolen amount of 22,960 ETH.

Despite the resolution, address poisoning remains a significant threat in the crypto community, with experts recommending meticulous verification of recipient addresses before executing any transactions to prevent similar thefts.