Blockchain researcher recovers stolen funds from NFT heist

ZachXBT, a pseudonymous blockchain researcher, claims to have successfully recovered a majority of funds from a stolen non-fungible token (NFT).

On Feb. 24, ZachXBT shared with his 505,000-plus social media followers the outcome of a nine-month investigation into the theft of the DeGods #3251 NFT. He disclosed that the majority of the funds have been successfully returned to the victim.

The NFT in question was sold for 99 Ether (ETH), amounting to approximately $177,000 at the time.

ZachXBT explained that he received a message from the victim in May 2023, shortly after the victim discovered that his wallet had been emptied.

Who is ZachXBT?

ZachXBT conducts investigations of varying durations, depending on the complexity involved.

He often utilizes simple diagrams to illustrate phishing scams and track fund movements, including through crypto mixers.

He expressed satisfaction in sharing success stories of fund recovery, emphasizing that while the process can be lengthy, it is achievable.

ZachXBT also mentioned his intention to wrap up his pro bono blockchain investigation work soon. This decision came after receiving feedback from frustrated X users who expected assistance in recovering stolen crypto, despite his clear stance that his services are offered free of charge.

He cited this frustration as a reason for discontinuing his public goods work shortly, but it may however take some time.

In May 2023 the rank 1 DeGods NFT was stolen from a victim after visiting a phishing site and sold for $177K (99 ETH).

I am pleased to share I was able to help recover a decent chunk of the stolen funds which have now been returned back to the victim.

While recovery can be a… pic.twitter.com/rBNB2Sjfin

— ZachXBT (@zachxbt) February 24, 2024

Crypto phishing scams drain billions

Phishing attacks targeting cryptocurrency users continue to surge.

Among the various deceptive tactics are so-called “approval phishing scams,” where fraudsters deceive users into approving malicious blockchain transactions. 

On Jan. 22, a sophisticated phishing attack within the Web3 ecosystem resulted in the loss of $4.2 million worth of aEthWETH and aEthUNI tokens. 

Phishing attacks entail deceiving individuals into divulging private keys or personal details, with perpetrators posing as genuine entities to earn trust. 

Spear phishing, which involves crafting emails to seem authentic, and ice phishing, where victims unwittingly relinquish token ownership to scammers, are common forms of such attacks.

The U.S. Securities and Exchange Commission (SEC) has been actively combating phishing scams and attacks by educating investors on how to recognize and avoid such fraudulent schemes.