Hackers stole $150 000 worth of NFTs with artist DeeKay’s Twitter account

On behalf of DeeKay Kwon, the attackers published a phishing link under the guise of an airdrop of non-fungible tokens

16.07.2022 - 08:15

255

2 min

What’s new? On July 15, hackers hacked into the Twitter account of South Korean artist and animator DeeKay Kwon, known by his nickname DeeKay. The attackers posted a phishing link on his behalf to an audience of around 180 000 followers under the pretext of an NFT airdrop from a new collection. However, a malicious smart contract had been activating on the website after the transaction was signed, opening up access to the wallet. The hackers thus managed to steal about 65 NFTs worth $150 000 in five hours before Kwon regained access to the account.

🚨🚨🚨🚨Be Safe. DeeKay’s twitter is hacked. pic.twitter.com/qpZtlHF8UR— sean (@SeanOhio_) July 15, 2022

How did events develop? The attackers sold $80 000 to $91 000 worth of non-fungible tokens and transferred the resulting ETH to another wallet. Most of the stolen tokens, about 50, remained with the hackers. Their total value is around $52 000.

After restoring access to the account, Kwon thanked those who were spreading the word about the scam, apologized to subscribers, and asked anyone affected by the phishing attack to get in touch to compensate for the damage.

6/I am reaching out to everyone affected and have already started a process to find a way to compensate. Though, if I am honest, I am uncertain if reimbursement is the way forward since few are pretending to be affected and looking for opportunities.— DeeKay (@deekaymotion) July 15, 2022

The artist noted that the attack was carefully prepared and planned — the phishing page, where users were invited to issue tokens, very accurately copied his original site. In addition, it was created two weeks before the hack. Finally, the hackers took a close look at what times DeeKay is not active on social media. That said, the artist himself has no idea how the account could have been hacked, even assuming disabling two-factor authentication.

Earlier, NFT artist Mike Winkelmann, known under the pseudonym Beeple, was in a similar situation. Hackers hacked into his Twitter account and posted phishing links for five hours, under the guise of an NFT raffle. They managed to steal more than $438 000.

For more details on NFT scam schemes and how to choose reliable projects to invest in, see GetBlock Magazine’s article.

Author: