Hacker stole NFTs worth $1,5 million with phishing link

What’s new? A member of the private club of the collectors of NFTs, PROOF Collective, under the nickname DigitalOrnithologist, has become a victim of a hacker. The attacker sent him a phishing link, which allegedly led to a token exchange platform, and stole 29 NFTs from the Moonbirds collection worth a total of $1,5 million. This was revealed by a Twitter user nicknamed Cirrus.

29 Moonbirds were just stolen in a hack. ~750e (~$1,500,000) in value lost by clicking on a bad link.Sickening seeing stuff like this. Let this be a reminder to never ever click on links and to bookmark the marketplaces/trading sites that you use. pic.twitter.com/7iWO5LMovL— Cirrus (@CirrusNFT) May 25, 2022

How did events develop? Another PROOF Collective member, nicknamed Dollar, warned the hacker that his identity was almost revealed using tracking the movement of tokens. He stated that members of the Collective have prepared a report for the US Federal Bureau of Investigation (FBI). In his tweet, he noted an account under the nickname DVincent_, which has now been deleted.

.@DVincent_ You're already half doxxed via an exchange and stole $2 million. Better return them now or end up behind bars.A full report to the FBI already being briefed by Proof Collective and members.— dollar (@knownasdollar) May 25, 2022

A Twitter user nicknamed Sulfaxyz said that he almost fell victim to this hacker, but was more prudent. He stressed that he only uses trusted NFT trading platforms, while the hacker insisted on using a fraudulent service.

The exact same happened to me. I told him I would only use NFTTrader and he kept insisting on the other scammy platform. I said no. The scammer was @DVincent_. So be careful out there guys.— sulpha.eth (@sulphaxyz) May 10, 2022

What is known about Moonbirds? It is an NFT collection of 10 000 avatars of owls based on Ethereum. It was launched on April 16 by Proof, a media startup founded by venture capitalist Kevin Rose. The owners of Moonbirds have intellectual property rights. They also have access to the private PROOF Collective community. On April 25, The Sandbox gaming metaverse bought token #2642 for a record amount of $1 million. The seller made a profit of about $600 000. Now the most expensive token on the OpenSea NFT marketplace is being sold for 499 ETH ($905 685 at the Binance rate on May 26).

For more details about the largest collections of non-fungible tokens by capitalization, see GetBlock Magazine’s article.

What happened before? On May 22, hackers hacked into the Twitter account of NFT artist Mike Winkelmann, aka Beeple, and posted phishing links on his behalf to a fake raffle of non-fungible tokens. The hackers managed to steal ETH and NFTs from the collections of Mutant Ape Yacht Club (MAYC), VeeFriends, and Otherdeeds worth over $438 000.

On May 6, a hacker compromised the main Discord server of OpenSea. On behalf of the company, the attacker distributed phishing links under the pretext of airdropping non-fungible tokens from YouTube.

Also on April 25, the official Instagram account of the NFT collection Bored Ape Yacht Club (BAYC) was hacked. The hacker managed to steal 91 NFTs worth around $2,8 million using phishing. The attacker spread a malicious link under the pretext of a fake airdrop.