The co-founder of Moonbirds NFT collection, Kevin Rose, was recently the victim of a phishing fraud, where he lost his NFTs worth over $1.1 million.
PROOF Co-founder Loses NFTs To Phishing Attack
The PROOF co-founder and NFT creator announced the news on Twitter, advising his followers to avoid all Squiggles NFTs. According to him, his team has flagged the Squiggles NFTs as stolen.
He later shared a tweet saying, “Full debrief coming,” after expressing gratitude for all the kind and supportive words he received. However, according to reports, Rose lost his NFTs after he accepted a malicious signature.
Unknown to him, doing so transferred a huge part of his NFTs to the attacker. An analysis by crypto security firm Arkham revealed that the hacker took one Autoglyph, nine OnChainMonkey items, and 25 Chromie Squiggles, also called Art Blocks.
Meanwhile, the floor price of the Autoglyph NFT is currently 345 ETH, OnChainMonkey is 7.2 ETH, and 332.5 ETH. The attacker extracted over 684.7 ETH (worth over $1.1 million.
Arran Schlosberg, VP of PROOF (the firm that launched Moonbirds), said Rose was a victim of phishing. Schlosberg said Rose signing the malicious signature enabled the hacker to move the assets.
Another crypto analyst on Twitter, “foobar,” gave more details of the attack explaining the technical aspects. The analyst said Rose authorized a contract for the OpenSea marketplace, which allowed the movement of all his NFTs every time he signed a transaction.
The crypto analyst suggested that instead of approving a contract to move all of his NFTs, Rose should have kept them “siloed” in a separate wallet. “It is safer to move assets from your vault to a different “selling” wallet before you list them on NFT marketplaces to prevent similar situations,” foobar said.
Exploiter Exchanged NFT Assets For BTC
“Quit,” another on-chain analyst tweeted that Seaport’s marketplace contract enables such malicious signatures. Additionally, Quit stated that the exploiters established a phishing site that allowed them to see Rose’s NFT assets in his wallet.
Furthermore, Quit said the exploiter created a transfer order that moved all of Rose’s assets that were authorized on OpenSea to themselves. Quit also hinted that Rose allowed the malicious transaction.
Foobar also stated that most of the stolen assets were valued above the floor price, which suggests the worth of the stolen NFTs could reach $2 million. Quit emphasized that users of OpenSea should be cautious and avoid any website that prompts them to sign anything that appears to be suspicious. It urged them to “run away” from such sites.
Meanwhile, ZachXBT, an on-chain analyst, posted a transaction map that shows that the hacker moved the NFTs to FixedFloat. FixedFloat is a crypto exchange built on BTC’s layer-2 lightning network. In addition, the exploiter exchanged the funds for BTC before depositing them into a BTC mixer.