Malicious entities hacked Beeple, A famous digital artist's Twitter account this Sunday. They used it to scam his followers of $438,000 before the account was recovered.
The attack spanned just 5 hours during which wallet holders were deceived into clicking a link that looked legit. The accounts were robbed immediately when they clicked the link.
Phishing attacks like this have become more common in the crypto community in recent times. Earlier this year, Opensea, a crypto network, experienced one such attack. Victims lost almost $2 million worth of NFTs in that unfortunate event.
Read on to find out more details and how to avoid falling victim to such scams.
In a phishing attack that happened within the space of 5 hours, followers of Beeple, a celebrated digital artist, were scammed of $438,000. The attack happened on Sunday when malicious entities hijacked the celebrated artist’s Twitter account and posted a disguised phishing link.
The post looked like a raffle of a collaboration between Beeple and Louis Vuitton, the luxury fashion brand. But when followers clicked on it, the hackers were immediately able to transfer funds out of their wallets.
About Beeple
Michael Joseph Winkelmann popularly known as Beeple hit the NFTs scene big in 2021 when he sold the highest priced NFT artwork to date. The piece, “Everydays-The First 500 Days", was sold at a Christie’s auction going for 69.3 million dollars.
Before then, he had already built a community of followers through a series he has run for 15 plus years now. The series consisted of artworks he called “Everydays”, which he posted on his social media every day, one per day.
The Scammers' Strategy.
However, after the hit sale, his popularity sky-rocketed, landing him large deals one of which the hackers imitated in their phishing attack. The deal in question was his collaboration with Louis Vuitton fashion House last year. As part of a game the fashion house hosted in December, the American artist had designed 10 NFT collectibles. The game, created to celebrate the 200th anniversary of Louis Vuitton’s founder’s birth, required players to collect some NFTs as they played. Beeple's art was 10 of the 30 collectibles that made the cut.
So, to authenticate their suspicious activities, the scammers simply made their site incorporate elements of this collaboration. Followers of the best-selling artists easily fell for the sinister plan and lost $438,000 before someone raised an alarm.
5 Hours and Minus $438,000 Later.
The first people heard about this scam was when Harry Denley, a security analyst for Metamask
tweeted a warning. He posted that Beeple’s Twitter account had been compromised and used to steal from wallet owners through a phishing link.
He also mentioned the specifics of the lost assets which summed up to $438,000. 5 hours later, Winkelmann succeeded in recovering his account and confirmed the bad news.
He reiterated that he would never drop a minting on his followers out of the blue. He also warned them to be careful of offers that ‘look too good to be true because they most often are.
His warning came too late for those who had lost precious assets though.
Phishing Attacks are Becoming More Prominent.
The menace called phishing attacks has become a serious security issue for the crypto community.
Phishing is a cybercrime strategy whereby malicious entities use a legitimate and trusted platform to gain access to victims' data, or wallets. Usually, they post a link that seems legit and when unsuspecting users click on it, they steal from them. It could be NFTs, cryptocurrencies, or even sensitive information.
Earlier this year, Opensea was exposed to one such attack which lost 17 victims and 250 NFTs worth about $1.7 million. Other major Crypto sites have also recorded many of these scams or attempted scams including Coingecko, Dextools, and Etherscan.
The bad actors always follow the same formula; they promise lucrative one-time airdrops or such benefits which users can only access if they connect their wallets right away. Wallet holders in an attempt to get first dibs on these opportunities hurriedly connect their wallets and easily fall victim, losing valuables in the process.
How to Avoid Falling Victim to Such Attacks
Crypto security Networks advise crypto and NFTs holders to refrain from connecting their wallets to random out-of-the-blue airdrop announcements. Digital assets rarely drop without enough advance notifications. Therefore, any announcement that does not follow due protocol is likely to be malevolent and should be avoided.
One hopes that this insecurity issue will soon be properly addressed. It could potentially lead to loss of trust and can be fatal for crypto investments.
Author: Gate.io Observer:
M. Olatunji
Disclaimer:
* This article represents only the views of the observers and does not constitute any investment suggestions.
*Gate.io reserves all rights to this article. Reposting of the article will be permitted provided Gate.io is referenced. In all other cases, legal action will be taken due to copyright infringement.