bloXroute co-founder: How to "outpace" hackers who have stolen mnemonic phrases?

bloXroute
2022-04-02 12:44:43
After the wallet's mnemonic phrase was stolen, the white hat team raced the scammer for the wallet's staked assets and rewards.

Author: Eyal Markovich, co-founder and CEO of bloXroute

Original Title: "Ellipsis.Finance Rescue"

Compiled by: Biscuit, Chain Catcher

A few months ago, the Flashbots white hat team collaborated with the bloXroute project, allowing Flashbots clients on BSC to use the bloXroute BDN for assistance. Maor from the white hat team shared a case with me, and I have included screenshots of our conversation in this article with his permission.

In December last year, the Flashbots team received a rescue request. Although I have experience in rescue operations across multiple public chains, I had never experienced private network nodes, so I participated in this rescue for learning purposes. The victim had their wallet private key stolen by scammers, and at that time, the wallet was staking a large amount of tokens from the Ellipsis.Finance project, earning hundreds of dollars daily, with these tokens set to unlock in about two months.

Although searching for Ellipsis Finance on Google yields advertisements, this case involved scammers impersonating official personnel in the official Telegram group to defraud the victim.

At that time, the user encountered technical issues and sought help in the group, where the scammers impersonated official personnel and sent him a fake website, subsequently obtaining the victim's wallet mnemonic.

After obtaining the victim's wallet mnemonic, the scammers began to steal the account's assets.

After draining any available funds, the scammers then targeted the victim's staking rewards. This case illustrates why one should never negotiate with scammers. The scammers promised the victim that they would return the account and cease harassment after paying 10,000 USDT. Unsurprisingly, after the victim paid the 10,000 USDT ransom, the scammers demanded more.

After taking over the case, I examined the scammers' trading bot code and realized that a fast and reliable network provider was needed to defeat them on the BSC chain, as BSC is faster and more chaotic than the Ethereum network and lacks private trading solutions.

I immediately installed a bloXroute BSC gateway and got to work, then built a bloXroute-based scanner on the victim's account to speed up BNB transfers and prepared a script to collect staking rewards accordingly.

Within days, I was able to outpace the scammers in transfer speed each time and send the staking earnings to the legitimate owner.

A week later, the white hat team received another rescue request, and the account address seeking help was the same as in this case.

I quickly assessed and confirmed that this was the same scammer, who was looking for ways to defeat the bloXroute gateway bot.

To prevent this scammer from seeking help from other white hats, I decided to deceive him until the staked funds were released.

I continually assured the scammer that I was developing a super-fast bot. Of course, I wasn't completely lying, as I discovered several BSC network hackers during my research and adjusted the connectivity and speed of the bloXroute gateway, which would make the bot more powerful.

As any white hat would tell you, all rescues happen in the middle of the night, and this was no exception. At 2 AM, I began running the script, extracting all staked assets and transferring them to a secure location. Ultimately, the victim recovered a portion of their lost funds.
