
Source: Cointelegraph

Kevin Rose, co-founder of the Moonbirds non-fungible token (NFT) collection, was the victim of a phishing scam that resulted in the theft of over $1.1 million worth of his personal NFTs.

On January 25, the NFT creator and co-founder of PROOF shared the news with his 1.6 million Twitter followers, asking them not to buy any Squiggles NFTs until they managed to flag them as stolen.

“Thank you for all the kind words of support. There will be a full report,” he shared in a separate tweet about two hours later.

It is understood that Rose’s NFTs were drained after he signed a malicious signature that transferred a significant portion of his NFT assets to the attacker.

Arkham’s independent analysis showed that the exploiter extracted at least one Autoglyph (345 ETH), 25 Art Blocks items, also known as Chromie Squiggles (332.5 ETH), and nine OnChainMonkey items (7.2 ETH).

In total, at least 684.7 ETH ($1.1 million) was extracted.

How Kevin Rose was exploited

While several independent analyses were published online, Arran Schlosberg, vice president of PROOF, the company behind Moonbirds, explained to his 9,500 Twitter followers that Rose “was tricked into signing a malicious signature” that allowed the exploiter to transfer a large number of tokens.

Cryptocurrency analyst “foobar” elaborated on the “technical aspect of the hack” in a separate post on Jan. 25, explaining that Rose had approved an OpenSea marketplace contract to move all of his NFTs whenever he signed transactions.

He added that Rose was always “one malicious signature” away from the exploit.

The crypto analyst said that Rose should have instead “placed” his NFT holdings in a separate wallet:

“Moving assets from your vault to a separate ‘sell’ wallet before listing on NFT marketplaces will prevent this.”

Another network analyst, “Quit”, told his 71,400 Twitter followers that the malicious signature was included in the Seaport marketplace contract, the platform that powers OpenSea.

Quit explained that the attackers managed to set up a phishing site that could view the NFT assets stored in Rose’s wallet.

The exploiter then set up a process for transferring all of Rose’s assets approved on OpenSea to the exploiter.

Rose then confirmed the malicious transaction, Quit notes.

Meanwhile, foobar noted that most of the stolen assets were well above the floor price, meaning the amount stolen could be as high as $2 million.

The analyst urged OpenSea users to “run away” from any other website that prompts users to sign something that looks suspicious.

NFTs on the move

Network analyst “ZachXBT” shared a transaction map with his 350,300 followers on Twitter, which shows that the exploiter sent assets to FixedFloat, a cryptocurrency exchange on the Bitcoin layer-2 Lightning Network.

The exploiter then converted the funds to bitcoin (BTC) before depositing the BTC into a bitcoin mixer.

Crypto Twitter contributor “Degentraland” told his 67,000 Twitter followers that it was “the saddest thing” they’ve seen in the cryptocurrency space to date, adding that if anyone can come back from such a devastating defeat, it’s “him”.

Meanwhile, Bankless founder Ryan Sean Adams was furious at how easily Rose had been exploited. In a Jan. 25 tweet, Adams urged front-end engineers to get into the game and improve the user experience (UX) to prevent such scams.

