The scammer sold the stolen NFTs on OpenSea and used a crypto mixer to launder the funds.
Cover art/illustration via CryptoSlate
The Twitter account of famous digital artist Mike Winkelmann, commonly known as Beeple, was hacked on May 22.
Harry Denley, a security analyst at Metamask, announced this via Twitter.
In his tweet, Denley warned users that Beeple’s tweets, which contained a link to a raffle of a Louis Vuitton NFT partnership, were part of a phishing attack. Denley added that clicking the link would drain crypto from users’ wallets.
⚠️ Beeple’s Twitter account has been compromised (ATO) to post a phishing website to steal funds.
— harry.eth 🦊💙 (whg.eth) (@sniko_) May 22, 2022
The scammer orchestrated this attack looking to capitalize on Beeple’s recent collaboration with the fashion giant. This collaboration saw Beeple design 30 NFTs for Louis Vuitton’s Louis The Game mobile game. The game integrated the NFTs as rewards for players.
The scammer continued posting phishing links from Beeple’s account. The links led to fake Beeple collections, which attracted unwitting users. Specifically, the collections promised a free mint for unique NFTs.
If we assume everything is secure, at time of this tweet the bad actors managed to scam:
0xf305 is yet to withdraw
45 NFTs (est ~$166k)
Total = $438k (active for ~5hours)
The scammer used a crypto mixer to launder the proceeds
On-chain data revealed that the scammer sold the obtained NFTs on OpenSea. To launder the proceeds, the scammer sent the funds to a crypto mixer.
Beeple eventually regained control over his account. However, he urged users to always be careful, adding that anything that seems too good to be true is a scam.
This news comes as phishing attacks continue plaguing the crypto and NFT industries. MetaMask warned web3 enthusiasts using Apple devices to be wary of a phishing attack in the past month. This warning came after an Apple user lost more than $650,000 worth of NFTs and ApeCoin (APE).
Per MetaMask, Apple devices have a default security issue that allows malicious actors to see the seed phrase stored on Apple’s iCloud storage service.