One MetaMask user lost his funds after allowing access to a criminal through a phishing attack, but some quick thinking allowed a white hacker to recover half the amount.
The victim was directed to the white hat hacker on Reddit, but not before he was admonished for doing the one thing you must not do as a crypto owner.
Almost every new day you hear about a phishing attack that targeted a crypto user and made off with his stash. But how often do you hear that the victim got his crypto back – or at least half of it? For one MetaMask user, this is exactly what happened. After falling victim to a phishing attack, he appealed for help on social media and one white hat hacker acted quickly to outwit the criminal.
The one thing that as a cryptocurrency owner you must not do is give out your private keys to anyone, much less people on the internet posing as support staff. But one Reddit user, whose username ironically is “happyguy,” did just that. He fell victim to the attackers who tricked him into clicking on a link that gave access to his wallet.
He then took to Reddit to reveal what had happened, resigned to losing his $240,000 worth of crypto from his MetaMask wallet. As it always happens, online strangers trolled and laughed at him for committing the original crypto sin.
However, one user pointed out that he can reach out to a platform that connects users with white hat hackers, and maybe they might be able to help him out. White hat hackers use their prowess for good. He did this, and as it would turn out, he linked up with Ale Manuskin, a former blockchain researcher at ZenGo, leading to the recovery of part of his crypto stash.
Outwitting the criminal and recovering the stolen crypto
When Manuskin received the request, he was just enjoying a quiet evening, as he told one outlet. He knew he had to act quickly and so the first thing he did was ascertain that the supposed victim owned the wallet. This was a conundrum for the victim – he was being asked to surrender his private keys, the same thing that had put him in the situation in the first place.
The hacker then immediately drained the MetaMask wallet of all the Ethereum it had. MetaMask requires its users to have some ETH to fund transactions. As such, the criminal couldn’t transfer any more money out of the wallet. But then again, neither could the white hat hacker.
To solve this, he turned to Flashbots, a service that allows developers and miners to communicate. Through Flashbots, developers can send transactions directly to miners for processing, without having to put them on the network and hope they get picked up. Even more importantly, it allows the developers to pay for these transactions via other means. This allowed Manuskin to transfer funds out of the wallet without having any ETH on MetaMask.
It took the developer about six hours, he revealed. Of the $120,000 that the criminal hadn’t drained from the wallet, Manuskin managed to recover $117,000 for the victim.
