The attacker who pulled off a $68 million address poisoning scam has posted two messages agreeing to negotiate with the victim.
The address-poisoning attacker who allegedly tricked a user into sending them $68 million worth of Wrapped Bitcoin (WBTC) has sent $153,000 worth of Ether (ETH) back to the victim in an apparent show of good faith. In the same transaction, the attacker sent a message agreeing to negotiate and asking the victim for a Telegram username where they can be contacted. The amount sent back represents just 0.225% of the total funds allegedly stolen.
Blockchain data shows that on May 5, the attack victim, whose account ends in 8fD5, sent three messages to an account ending in dA6D. The recipient of the message had received funds from the attacking account, labeled “FakePhishing327990” on Etherscan, through several intermediate accounts. This implies that dA6D was likely to have been controlled by the attacker.
The messages implied that the victim was willing to give the attacker 10% of the funds as a bounty and refrain from prosecuting if they returned the other 90%. The victim stated: