An NFT collector has just been robbed by hackers. Within hours, he lost all of his digital assets, including his cryptocurrencies. He points to an advertisement on Google hiding malware.
NFT God, an influential collector in the non-fungible token (NFT) market, has been hacked. On Twitter, the influencer claims that his entire ” digital livelihood » was raped by an unknown attacker:
“Every account connected to me both personally and professionally has been hacked […] All the channels I have with my community, friends and family have been compromised in the last 24 hours. My Twitter, Substack, Gmail, Discord and my wallets have all been invaded”.
Last night my entire digital livelihood was violated.
Every account connected to me both personally and professionally was hacked and used to hurt others.
Less importantly, I lost a life changing amount of my net worth
— NFT God (@NFT_GOD) January 15, 2023
At the end of the operation, all the assets in his possession disappeared. The collector managed to go back to the origin of the attack. Apparently, he fell into a crude trap set by cyber criminals using an advertisement on Google. This advertisement, displayed at the top of the search engine results, convinced him to install software called OBS on his computer. It is a video streaming program open-source.
Read also : Donald Trump launches his own collection of NFTs and it’s already a success
A very classic trap
Unfortunately, the program contained a malware. Once installed on the machine, the computer virus has vacuumed all sensitive data, including identifiers (name and passwords) and private keys. Thanks to the private keys, the hackers were able to take control of all of his digital wallets containing NFTs and cryptocurrencies.
“I knew at that moment that everything was gone. All. All my crypto and NFTs have been ripped from me”.
By consulting the blockchain, we discover in particular that the attackers seized 19 ethers, or approximately 27,000 euros, and an NFT from the Mutant Ape Yacht Club collection. This digital artwork is valued around $25,000, CoinTelegraph reports. Some of the loot was transferred to a little-known decentralized exchange, FixedFloat, and converted into other digital currencies.
At the same time, the thieves wanted to use the notoriety of NFT God to fool other Internet users. Tweets relaying to websites of phishing were posted using his Twitter account. The collector quickly reacted by deleting the messages. With the access siphoned by the malware, the criminals also attempted to frame NFT God’s 16,000 Substack subscribers. A handful of emails from phishing were directed to them, ruining the influencer’s reputation. Again, the influencer reacted quickly by warning his community. In an emergency, he reset all his passwords, his computer, and implemented new security measures.
The victim committed a classic mistake : do not go directly to the official site of the software you want to download. Don’t rely on an ad that appears at the top of Google results. Nothing guarantees its authenticity. This precaution makes it possible to avoid unpleasant surprises and fake software put online by scammers. These traps allow cybercriminals to ride on the popularity of a program to quickly generate profits.
“The first sponsored link I clicked on will certainly be the last”summarizes NFT God, aware of his mistake.
Indeed, it is not uncommon for booby-trapped software to be propagated on the web. Likewise, it is very common for hackers to display advertisements on the Google search engine to trick their victims. A few months ago, a fake Google Translate application containing a malware spread online. This third-party application, intended for Windows computers, hid a virus designed to mine anonymous cryptocurrencies, such as XMR, without the knowledge of Internet users. Last year, Changpeng Zhao, CEO of Binance, had also warned cryptocurrency investors about ads on Google. He had also asked the Mountain View giant to take measures to protect Internet users.
Google displays phishing sites when users search CMC. This affects users adding smart contract addresses to MetaMask using these phishing sites. We are trying to contact Google for this, and in the meantime alerting users about this through social channels. pic.twitter.com/3q4860Jl4H
— CZ 🔶 Binance (@cz_binance) October 27, 2022
Crypto-crime increased in 2022
Despite the cryptocurrency crash, cybercriminals continue to prey on holders of digital assets. Last year, the analysis company Chainalysis recorded an increase in illicit transactions on the blockchain. In its annual report, the company specifies that this is the first increase in three years:
“For the first time since 2019, the share of illicit cryptocurrency activity increased from 0.12% in 2021 to 0.24% in 2022.”
Despite the increase, the amount of transactions related to criminal activities remains anecdotal. The vast majority of transfers recorded on blockchains are made by investors and users. Cryptocurrencies are far from being reserved for hackers and scammers.