Illustration: Aïda Amer/Axios
Kevin Rose, a serial entrepreneur going back to 2004’s web pioneer Digg, got tricked into giving away a bunch of very valuable NFTs on Wednesday night.
Why it matters: The multi-part scheme that began with a seemingly mundane airdrop, is a reminder of how easily even the founder of an NFT-focused company could be lured into a trap.
- In the ever evolving world of cyber crime, it helps to stay conscientious of how miscreants are manipulating others out of money and valuable goods.
Details: On a Twitter Spaces on Thursday, Rose explained that the malicious airdrop was crucial to tricking him into checking out a website, which in turn was designed to trick him into giving up his tokens.
- Arkham Intelligence estimated the lost NFTs at $1.09 million in value.
Of note: Rose keeps all his valuable NFTs on a hardware wallet which is normally offline. But he had taken it out to sell a couple of NFTs from his collection, visiting the OpenSea marketplace to authorize the items for sale.
- Once he had his wallet connected, he saw he had an airdrop that looked like it came from the The Memes by 6529 collection.
Be smart: An airdrop is when someone sends a token to a known address, often done to promote something. Yet they can end up being valuable.
How it happened: Rose was on a phone call that he was only half paying attention to while he set up his NFT sale. So, he went to the airdrop’s website while his hardware wallet was active.
- As he said on the Twitter Spaces, everything looked legitimate and well designed. Nothing was pushing him to urgently take any action.
- “This is also a tale of multitasking, that you should never do when you’re messing around with NFTs,” Rose said.
And then: He found a page that seemed to indicate he should just “sign-in,” which turned out to be the fatal step. He realized too late that he’d authorized much more than he meant to.
- “The second I signed in I knew something was wrong, because I got a followup signature right away that said ‘authorize all your Meebits‘ [a type of NFT],” he explained.
- Lots of NFTs can be seen leaving his wallet Wednesday, but he still has plenty of good ones left.
Context: The crucial point here that Rose made on the Spaces discussion was that Memes by 6529 is a very artsy NFT collection. It’s not big and famous. You need to be an insider to appreciate it.
- This inspired more confidence in him than, say, a scammy looking Twitter link promising a new Bored Apes airdrop, a very famous collection.
- Naming a more bespoke collection looks more targeted.
We can’t know if the attacker knew they were going after Rose himself, but they could see by looking at the NFTs in his wallet that he must have been an insider.
- In other words, this looks like “spear phishing,” when someone carefully designs a trick for one target or a kind of target.
What we’re watching: Rose is now the founder of an NFT-focused company called PROOF Collective, best known for creating one of the top collections, Moonbirds.
- The Moonbirds team is planning to release a post-hack trouble shooting guide for other victims.
The bottom line: “It’s not lost on me that I’m in a very lucky position to have even had these NFTs in the first place,” Rose said during the Twitter Spaces.
- He’s still got lots of Meebits.
