User Recovers $129 Million Sent to Phishing Address

An unnamed user transferred $129 million in USDT to scammers after copying an incorrect address from their transaction history. Unlike most such incidents, the recipients returned the funds within six hours.

?不知道哪位遭遇了首尾号相似钱包地址的钓鱼攻击，误转了 1.29 亿 USDT 给钓鱼地址：

THcTxQi3N8wQ13fwntF7a3M88BEi6q1bu8https://t.co/vhPxMpewc8

不过，钓鱼团伙不到 1 小时归还了其中 90%，然后又过了 4 个多小时把剩余的 10% 也归还了…

情报来自 InMist 成员。 https://t.co/cFhK3sM8Go

— Cos(余弦)?‍?️ (@evilcos) November 20, 2024

According to analysts at Scam Sniffer, citing SlowMist data, the victim’s transaction history included a suspicious address with similar ending characters to a familiar wallet. The user failed to verify and sent funds to the imposter wallet.

This method is known as “address poisoning”. Scammers create an address resembling one familiar to the potential victim and send a minor transaction, which appears in the user’s history.

The perpetrators hope the victim will not verify the full identifier and will copy the fake address when making a transaction.

In May, a similar attack led to an unnamed trader losing $68 million. In July, the hacker group Pink Drainer fell victim to address poisoning, losing 10 ETH.

Surprised by the swift return of funds, some X users speculated that the scammers were intimidated by the large sum. Someone transferring $129 million could potentially hire analysts and hackers to track down the culprits, posing a threat.

Others suggested that a decent person, rather than a scammer, was on the other end of the transaction and voluntarily returned the funds.

Earlier, on November 10, a trader who lost about $26 million due to a copying error asked the community for help in recovering the funds, offering a 10% reward.