Moonbirds’ co-founder loses more than $1.4M in NFTs because of one mistake

Web3
Moonbirds’ co-founder loses more than $1.4M in NFTs because of one mistake

Kevin Rose, the creator of the non-fungible token (NFT) collection Moonbirds, has lost his NFTs worth more than $1.4 million through a phishing attack.

Kevin Rose was tricked, crypto Twitter reacts

The NFT inventor and co-founder of PROOF informed his Twitter followers of a phishing incident and urged them to “please avoid buying any squiggles” until they are flagged. It is believed that Rose signed a malicious signature that gave the exploiter access to a substantial percentage of his NFT assets. 

Arran Schlosberg, the VP PROOF, Tweeted that Kevin Rose (KRO) was tricked into signing a fraudulent signature, which permitted the scammer to transfer a significant amount of tokens, despite having shared self-governing on-chain analyses. This incident was a typical example of social engineering that deluded KRO into believing his funds were safe. Nevertheless, OpenSea intervened and restricted the hack’s technical capabilities to create more signatures.

One on-chain analyst dubbed “Quit” provided the following additional explanation to his followers regarding how the Seaport marketplace that drives OpenSea can be both dangerous and powerful.

Quit clarified that the exploiters had created a phishing website to access Rose’s wallet’s NFT holdings.

Degentraland, a crypto Twitter user, expressed his sentiments that this NFT attack was the “saddest thing” they had witnessed in the field of cryptocurrencies to date. He hailed Kevin that anyone could recover from such an ordeal, “it’s him.”

However, not everyone was remorseful for Kevin’s unfortunate experience. For instance, Ryan Sean Adams, the creator of Bankless, was furious at how easily the perp took advantage of Rose. Sean challenged front-end engineers to step up their game and enhance user experience (UX) to stop such scams from happening.

Stolen funds are on the move

The adversary then set up an order to transfer to them all of Rose’s holdings that have been accepted on OpenSea. Arran, the VP engineer of PROOF, clarified that various assets, including NFTs, ETH, and others owned by PROOF, were untouched and not in danger because they require multiple signatures for access to be granted.

Reportedly, the sum taken may be as much as $2 million, according to a Twitter user who also pointed out that most of the stolen assets could be valued much higher than the floor price. 

Moreover, a transaction trail released by on-chain expert “ZachXBT” reveals that the perp transferred the funds to FixedFloat, a cryptocurrency exchange on the layer-2 “Lightning Network” of Bitcoin. Without much ado, the hacker used FixedFloat to swap the funds into Bitcoin (BTC) and then sent them to a bitcoin mixer to cover their tracks. 

NFTs, the new hackers’ playtoy

The year 2022 ended with many folks crying foul for losing funds in mismanaged crypto networks and exchanges. But statistically, it was through hacks that most crypto communities were preyed upon. Unexpectedly, those woes have extended to this year and are concentrated in the NFT sector this time round.

To recap recent incidents reported here in nft.news, a renowned crypto fanatic dubbed NFT God lost almost all of his savings on the 15th of January. The hackers swindled all his NFTs and cryptocurrency holdings, as is a norm in such attacks. Furthermore, hackers have also been targeting unwary users online by exploiting the current frenzy around Pokemon NFT cards. 

These are less than week-old stories, and nobody is safe from the look of things because even staunch developers have succumbed to fraudsters’ trickery traps, Kevin being exhibit A. If you have been looking for solutions to keeping your NFTs safe, please take a gander at our guide here. It may not be much because of fraudsters’ constant update of their skills, but it could be enough to mitigate their extreme measures. 

Follow Us on Google News