1. Home
  2. wallet hack

wallet hack

Victim of 90 ETH exploit set to claw funds back after hacker was blacklisted

The hacker’s wallet with more than $100K worth of USDT was blacklisted and frozen, while the Victim had been drained for almost $170K worth of NFTs and other assets.

With the help of police and cyber authorities, a victim of a hack worth 90 Ether (ETH) has gotten the attacker’s Tether (USDT) address blacklisted. As a result, they may be able to get most of their funds back.

The victim, who goes by @l3yum on X (Twitter), was initially drained on March 16 after the hacker managed to get a hold of their hot wallet seed phrase. Several Yuga Labs-related NFTs were stolen, alongside some crypto and other NFTs from smaller projects, and then promptly swapped or sold off.

In an Aug. 11 X thread, L3yum highlighted that the hacker’s Ethereum-based USDT address had been blacklisted, as he noted that: “Today after working with the police and cyber team in my country, I was able to get the stolen funds sitting in USDT frozen and black listed.”

At the time of writing, 90 ETH is equivalent to roughly $166,000 and the blacklisted wallet has $107,306 worth of USDT locked up in it, suggesting the victim may not get the full value of their stolen funds back.

While it is also not yet 100% certain if the victim will be reimbursed, in previous instances in which a USDT address has been blacklisted under similar circumstances, Tether has burned the blacklisted USDT and re-issued equal amounts of the asset to the original owner.

It is also worth noting that the blacklisting of a USDT address by Tether generally comes after a court order.

Related: How easy is a SIM swap attack? Here’s how to prevent one

When asked if this was the case in the comments, L3yum confirmed this was the likely path forward, but suggested it hasn’t been confirmed yet.

“This is the part I’m unsure about but yeah from my understanding this is how it works and the funds that are blacklisted are essentially burnt. Don’t quote me on that though, but that is my understanding!” he wrote.

It is not entirely clear how the hacker got access to the seed phrase in March, however the general thought at that time was that the victim had either been SIM-swapped, mistakenly had their seed phrase backed up on iCloud, or had been using the wallet across several devices.

Magazine: NFT Collector: On-chain music sounds off with latest raise, artistic duo Hackatao find their lane

Crypto’s Unseen Impact on Treasury Demand: How Tokenization Might Redefine Market Hedging