Assisted by law enforcement and cybersecurity agencies, the victim of a hack of 90 Ether (ETH, priced at $1,850 per coin) has managed to have the perpetrator’s Tether (USDT, priced at $1.00) address added to a blacklist. This action raises the possibility of the victim reclaiming a significant portion of their funds.
The individual identified as L3yum on X (formerly known as Twitter) experienced an initial breach on March 16th, when the hacker gained access to their hot wallet seed phrase. During the incident, various nonfungible tokens (NFTs) related to Yuga Labs, as well as crypto assets and NFTs from smaller projects, were taken. Subsequently, these assets were swiftly converted or sold.
In a thread dated August 11th on X, L3yum emphasized that the Ethereum-based USDT address of the hacker had been added to a blacklist: “Today, in collaboration with law enforcement and cybersecurity experts in my country, I successfully froze and blacklisted the pilfered funds stored in USDT.”
At current prices, 90 ETH is worth approximately $166,000. The blacklisted wallet contains $107,306 worth of frozen USDT, indicating that the victim might not recoup the full sum of their stolen funds.
The prospect of reimbursement for the victim remains uncertain. Nevertheless, in past cases resembling this scenario, where a USDT address was blacklisted, Tether has taken the step to invalidate the blacklisted USDT and re-issue an equivalent amount of the asset to the original owner.
Furthermore, it’s important to highlight that Tether generally enacts the blacklisting of a USDT address following the issuance of a court order.
In response to inquiries in the comments, L3yum affirmed that this was the likely course of action, but indicated that it hadn’t been definitively confirmed yet.
L3yum mentioned, “This is the aspect I’m uncertain about, but based on my understanding, this is the process, and the blacklisted funds are essentially rendered unusable. However, please don’t take this as a definitive statement; it’s just my understanding!”
The method by which the hacker gained access to the seed phrase in March remains unclear. Nonetheless, prevailing speculation at the time suggested that the victim could have been hit by a SIM-swap, might have unintentionally stored their seed phrase on iCloud, or could have used the wallet on multiple devices.