Targeted phishing scam nets $438K in crypto and NFTs from hacked Beeple account

Published at: May 23, 2022

Digital artist and popular nonfungible token (NFT) creator Mike Winkelmann, more commonly known as Beeple, had his Twitter account hacked on Sunday as part of a phishing scam.

Harry Denley, security analyst of MetaMask, alerted users that Beeple’s tweets at the time containing a link to a raffle of a Louis Vuitton NFT collaboration were, in fact, a phishing scam that would drain the crypto out of users’ wallets if clicked.

⚠️ Beeple's Twitter account has been compromised (ATO) to post a phishing website to steal funds.0x7b69c4f2ACF77300025E49DbDbB65B068b2Fda7D0xF305F6073CFa24f05FF15CA5b387DD91f871b983 pic.twitter.com/0MPNwOPlEu

— harry.eth (whg.eth) (@sniko_) May 22, 2022

The scammers were likely looking to capitalize on a real recent collaboration between Beeple and Louis Vuitton. Earlier in May, Beeple designed 30 NFTs for the luxury fashion brand’s Louis The Game mobile game, which were embedded as rewards to players.

The scammer continued to post phishing links from Beeple’s Twitter account, leading to fake Beeple collections that lured in unsuspecting users with the promise of a free mint for unique NFTs.

Bad actors continue have access to Beeples Twitter account and they have now tweeted another phishing domain.This one just prompts the user to send ETH to an EOA (0xcad7fc974F61A08ADEF110D1BA446fa5b5B5Bb27).Infra: 44.227.238.106 pic.twitter.com/HzTga1OvNK

— harry.eth (whg.eth) (@sniko_) May 22, 2022

The phishing links were up on Beeple’s Twitter for around five hours, and an on-chain analysis of one of the scammers’ wallets shows the first phishing link scored them 36 Ether (ETH), worth roughly $73,000 at the time.

The second link netted the scammers around $365,000 worth of ETH and many NFTs from high-value collections such as the Mutant Ape Yacht Club, VeeFriends and Otherdeeds, among others, bringing the grand total value stolen from the scam to around $438,000.

On-chain data shows the scammer selling the NFTs on OpenSea and putting their stolen ETH into a crypto mixer in an attempt to launder the gains.

Beeple later tweeted that he had regained control of his account and added to remind his followers that “anything too good to be true IS A F*CKING SCAM.”

ugh we’ll that was fun way to wake up. Twitter was hacked but we have control now. Huge thanks to @garyvee ‘a team for quick help!!!!

— beeple (@beeple) May 22, 2022

Related: Needed: A massive education project to fight hacks and scams

Beeple has created three of the top ten most expensive NFTs sold to date including one which sold for $69.3 million, the most expensive ever sold to a sole owner. This attention has made him a target for hacks.

In November 2021, an admin account on Beeple’s Discord was hacked with scammers there also promoting a similarly fake NFT drop which resulted in users losing around 38 ETH.

Earlier this month, cybersecurity firm Malwarebytes released a report which highlighted a rise in phishing attempts as scammers try to cash in on NFT hype. The firm noted the use of fraudulent websites depicted as legitimate platforms is the most common tactic used by scammers.

Tags
Artists
Nft
Tokens
Hacks
Hackers
Phishing
Wallet
Twitter
Scams
Fraud
Related Posts
Nifty News: Christie’s NFT expert to lead CryptoPunks, fake heiress launches NFT collection
Noah Davis, the nonfungible token (NFT) specialist at auction house Christie’s, has said he’s leaving the position in July to take up a post as brand lead for the CryptoPunks NFT collection with Yuga Labs. Announcing the move on Sunday in a Twitter thread, Davis looked to quash any anxieties holders had regarding the future of one of the oldest NFT projects, saying he “will not f*ck with the punks.” What does that mean? It means no Punks on lunchboxes or cringe TV shows/shitty movies. It means no arbitrary rushed utility or thoughtless airdrops. It means if you love your …
Nft / June 20, 2022
Rare Bears Discord phishing attack nabs $800K in NFTs
Recently launched NFT project, Rare Bears, was hit with an attack, after a hacker posted a phishing link in the project's Discord channel, stealing nearly $800,000 in NFTs. Analysis from blockchain security firm Peckshield detailed that the attacker was able to steal 179 NFTs, including Rare Bears and other NFTs from various collections, including CloneX, Azuki, a “mfer” from artist sartoshi, and 6 LAND tokens used for The Sandbox metaverse. According to on-chain analysis, most of the NFTs were sold, netting the hacker 286 ETH, worth over $795,500, most of which was promptly put through Tornado Cash, a crypto mixer …
Nft / March 18, 2022
Beeple's Discord URL 'hijacked,' directing users to wallet drainer
Non fungible token (NFT) artist Mike "Beeple" Winkelmann has found himself the target of phishing scammers yet again, warning users that the URL link to his official Discord server was “hacked” — sending unaware new members to a wallet draining Discord channel if they follow the link. In an Oct. 3 post UTC, the NFT artist called out Discord for “being garbage,” warning users not to go into the Discord and verify as it will “drain your wallet.” it appears our discord URLs were hacked to point to a fraudulent discord. DO NOT go into that discord and do not …
Artists / Oct. 4, 2022
Hackers takeover Azuki’s Twitter account, steal over $750K in less than 30 minutes
Azuki, a popular nonfungible token (NFT) project, had its Twitter account compromised on Jan. 27 leading to hackers stealing over $750,000 worth of USD Coin (USDC) by posting a malicious “wallet drainer link” posed as a virtual land mint. Hackers stole $751,321.80 USDC from a single wallet within half an hour of the malicious links being tweeted, according to Etherscan data provided to Cointelegraph by crypto wallet security firm Wallet Guard. The data also revealed that hackers stole a further $6,752.62 worth of USDC from various wallets holding 11 NFTs and over 3.9 Ether (ETH). Wallet Guard stated that the …
Nft / Jan. 28, 2023
'Haunts me to this day' — Crypto project hacked for $4M in a hotel lobby
The co-founder of Web3 metaverse game engine “Webaverse” has revealed they were victims of a $4 million crypto h after meeting with scammers posing as investors in a hotel lobby in Rome. The bizarre aspect of the story, according to co-founder Ahad Shams, is that the crypto was stolen from a newly set up Trust Wallet and that the hack took place during the meeting at some point. He claims the thieves could not have possibly seen the private key, nor was he connected to a public WiFi network at the time. The thieves were somehow able to gain access …
Nft / Feb. 7, 2023