[eli]

I believe the thief demanded payment first, outside of escrow. Which seems odd considering they actually did return the name. Maybe they were afraid Escrow.com would determine the domain was stolen and simply return it to its owner?

[DEinspanjer]

Totally guessing, but it might be the thief was getting antsy and wanted to conclude a deal quickly. Maybe they did in fact have another buyer on the hook. Rather than spend all the extra time going through escrow and the potential risk of the buyer doing exactly what she intended to do (rely on raising the dispute of the domain after escrow had both halves of the transaction), the thief tried to pressure a quick sale through less regulated means.

From what I understand though, it isn't all that easy to actually stop a wire transfer once it is being processed. I wouldn't be at all surprised to hear that both sides might have actually gotten the money and the backing bank will be left trying to go after one or both of them for it.