An NFT phishing attack targeted Beeple followers on Sunday. Despite increased efforts to curb illegal activity, cybercriminal activity has surged in 2022.
Illicit activity across the NFT space shows no sign of abating any time soon. The increased risk of capture has done little to deter cybercriminals as mainstream interest in NFTs accelerates.
In the US, the US Secret Service, a new FBI crypto unit, and a National Cryptocurrency Enforcement Team (NCET) are currently targeting cybercrime. Yet, phishing scams, rug pulls, and ransomware crimes continue to hit investors in the US and beyond.
Despite the increased risk of capture, cybercriminals were back in action over the weekend.
On Sunday, cybercriminals targeted world famous NFT creator Beeple’s Twitter account as part of the latest phishing scam.
MetaMask Security Analyst Harry Denley alerted Beeple’s Twitter followers of an account hack to post a phishing website to steal funds.
⚠️ Beeple's Twitter account has been compromised (ATO) to post a phishing website to steal funds.
0x7b69c4f2ACF77300025E49DbDbB65B068b2Fda7D
0xF305F6073CFa24f05FF15CA5b387DD91f871b983 pic.twitter.com/0MPNwOPlEu— harry.eth 🦊💙 (whg.eth) (@sniko_) May 22, 2022
Denley also shared a copy of the phishing scam, which included a link to a Louis Vuitton NFT raffle. The attack would then drain crypto from the wallets of users clicking the link.
It was a two-pronged attack, with Denley alerting users of a second phishing scam reportedly more sophisticated than the first.
Bad actors continue have access to Beeples Twitter account and they have now tweeted another phishing domain.
This one just prompts the user to send ETH to an EOA (0xcad7fc974F61A08ADEF110D1BA446fa5b5B5Bb27).
Infra: 44.227.238.106 pic.twitter.com/HzTga1OvNK
— harry.eth 🦊💙 (whg.eth) (@sniko_) May 22, 2022
The first attack netted 36 Ethereum (ETH) and the second about $365,000 in ETH and NFTs.
Four hours after Denley’s first alert, Beeple tweeted that his account was back under his control.
ugh we’ll that was fun way to wake up. 😫
Twitter was hacked but we have control now. Huge thanks to @garyvee ‘a team for quick help!!!! 🙏🙏🙏
— beeple (@beeple) May 22, 2022
With mainstream players taking a greater interest in Web3, collaborations to launch collections have given cybercriminals another avenue to scam collectors.
Scammers are not only targeting Twitter in phishing accounts but also Instagram and platforms lacking the appropriate security measures.
While hauls were not newsworthy in 2021, the surge in the value of NFTs this year has made the NFT market a lucrative target.
According to Top10 VPN,
“Financial losses from NFT crime are 667% higher in 2022 than over all of 2021.”
Other key stats include,
Top10VPN also provided a table of hacks that led to financial loss.
The five largest hacks took place in 2022, totaling $41.7 million, with sports NFT platform Lumpo seeing a hot wallet breach and a loss of $18.7 million.
Based on these numbers, agencies will have their work cut out to deter scammers, protect investors, and support continued growth in the virtual asset space.
With over 20 years of experience in the finance industry, Bob has been managing regional teams across Europe and Asia and focusing on analytics across both corporate and financial institutions. Currently he is covering developments relating to the financial markets, including currencies, commodities, alternative asset classes, and global equities.