An NFT collector has just been robbed by hackers. Within hours, he lost all his digital assets, including his cryptocurrencies. He points to an ad on Google that hides malware.
NFT Good, an influential collector in the market for non-fungible tokens (NFT), has been hacked. On Twitter, the influencer claims that his whole ” digital livelihood » was raped by an unknown assailant:
“Every account associated with me both personally and professionally has been hacked […] All the channels I have with my community, friends and family have been compromised in the last 24 hours. My Twitter, Substack, Gmail, Discord and my wallets have all been invaded”.
Last night my entire digital livelihood was violated.
Every account associated with me both personally and professionally was hacked and used to harm others.
Less important, I lost a life-changing amount of my net worth
— NFT God (@NFT_GOD) 15 January 2023
At the end of the operation, all assets in his possession disappeared. The collector managed to go back to the origin of the attack. Apparently, he fell into a crude trap set by cybercriminals using an ad on Google. This ad, which appeared at the top of the search engine results, convinced him to install software called OBS on his computer. It is a video streaming program open source.
A very classic trap
Unfortunately, the program contained one malware. Once installed on the machine, the computer virus has vacuumed all sensitive data, including identifiers (name and passwords) and private keys. Thanks to the private keys, the hackers were able to take control of all his digital wallets containing NFTs and cryptocurrencies.
“I knew at that moment that everything was gone. Everyone. All my crypto and NFTs have been ripped from me”.
In particular, by consulting the blockchain, we discover that the attackers seized 19 ethers, or approximately 27,000 euros, and one NFT from the Mutant Ape Yacht Club collection. This digital artwork is valued at around $25,000, CoinTelegraph reports. Some of the exchange was transferred to a little-known decentralized exchange, FixedFloat, and converted to other digital currencies.
At the same time, the thieves wanted to use the notoriety of NFT God to trick other Internet users. Tweets forward to websites of phishing was posted using his Twitter account. The collector quickly responded by deleting the messages. With access revoked malware, the criminals also tried to target NFT God’s 16,000 Substack subscribers. A handful of emails from phishing was directed at them, ruining the influencer’s reputation. Again, the influencer reacted quickly by alerting his community. In an emergency, he reset all his passwords, his computer and implemented new security measures.
The victim committed a classic mistake : do not go directly to the official website of the software you want to download. Don’t trust an ad that appears at the top of Google results. Nothing guarantees its authenticity. This precaution makes it possible to avoid unpleasant surprises and fake software put online by fraudsters. These traps allow cybercriminals to ride the popularity of a program to quickly generate profits.
“The first sponsored link I clicked will surely be the last”summarizes NFT God, aware of his mistake.
It is actually not uncommon for booby-trapped software to be distributed on the web. Likewise, it is very common for hackers to display ads on the Google search engine to trick their victims. A few months ago, a fake Google Translate application that contains a malware spread online. This third-party application, intended for Windows computers, hid a virus designed to mine anonymous cryptocurrencies, such as XMR, without internet users’ knowledge. Last year, Changpeng Zhao, CEO of Binance, had also warned cryptocurrency investors about ads on Google. He had also asked the Mountain View giant to take measures to protect internet users.
Google displays phishing sites when users search the CMC. This affects users who add smart contract addresses to MetaMask using these phishing sites. We are trying to contact Google about this and in the meantime warn users about this through social channels. pic.twitter.com/3q4860Jl4H
— CZ 🔶 Binance (@cz_binance) 27 October 2022
Cryptocrime increased in 2022
Despite cryptocurrency crash, cybercriminals continue to prey on holders of digital assets. Last year, the analytics company Chainalysis took over an increase in illegal transactions on blockchain. IN its annual reportthe company specifies that this is the first increase in three years:
“For the first time since 2019, the proportion of illegal cryptocurrency activity increased from 0.12% in 2021 to 0.24% in 2022.”
Despite the increase, the volume of transactions related to criminal activities remains anecdotal. The vast majority of transfers recorded on blockchains are made by investors and users. Cryptocurrencies are not just for hackers and scammers.