Moonbirds creator Kevin Rose loses $1.1M+ in NFTs after 1 wrong move


Kevin Rose, the co-founder of the nonfungible token (NFT) collection Moonbirds, has fallen victim to a phishing scam that led to more than $1.1 million worth of his personal NFTs being stolen.

The NFT creator and PROOF co-founder shared the news with his 1.6 million Twitter followers on Jan. 25, asking them to avoid buying any Squiggles NFTs until they manage to get them flagged as stolen.

“Thank you for all the kind, supportive words. Full debrief coming,” he then shared in a separate tweet about two hours later.

It is understood that Rose’s NFTs were drained after he signed a malicious signature that transferred a significant proportion of his NFT assets to the exploiter.

An independent analysis from Arkham found that the exploiter extracted at least one Autoglyph (345 ETH), 25 Art Blocks — also known as Chromie Squiggle — (332.5 ETH) and nine OnChainMonkey items (7.2 ETH).

In total, at least 684.7 ETH ($1.1 million) was extracted.

How Kevin Rose got exploited

While several independent on-chain analyses have been shared, Arran Schlosberg, vice president of PROOF — the company behind Moonbirds — explained to his 9,500 Twitter followers that Rose “was phished into signing a malicious signature” which allowed the exploiter to transfer over a large number of tokens.

Crypto analyst “foobar” further elaborated on the “technical aspect of the hack” in a separate post on Jan. 25, explaining that Rose approved an OpenSea marketplace contract to move all of his NFTs whenever Rose signed transactions.

He added that Rose was always “one malicious signature” away from an exploit.

The crypto analyst said Rose should have instead been “siloing” his NFT assets in a separate wallet:

“Moving assets from your vault to a separate “selling” wallet before listing on NFT marketplaces will prevent this.”

Another on-chain analyst, “Quit,” further explained to his 71,400 Twitter followers that the malicious signature was enabled by the Seaport marketplace contract — the platform which powers OpenSea.

Quit explained that the exploiters were able to set up a phishing site that was able to view the NFT assets held in Rose’s wallet.

The exploiter then set up an order for all of Rose’s assets that are approved on OpenSea to then be transferred to the exploiter.

Rose then validated the malicious transaction, noted Quit.
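
As an added illustration of the order-signing flow Quit describes (not code from the article, OpenSea or any wallet), the sketch below shows a pre-sign check a wallet or browser extension could run on an EIP-712 request shaped like a Seaport order. Field names follow Seaport's `OrderComponents` struct; `reviewSigningRequest`, its heuristics, the trusted-origin list and every address are assumptions constructed for the example.

```javascript
// Added example: review an EIP-712 signing request shaped like a Seaport order.
// Seaport item types: 0 native, 1 ERC20, 2 ERC721, 3 ERC1155, 4/5 criteria-based NFTs.
const NFT_ITEM_TYPES = new Set([2, 3, 4, 5]);

// Hypothetical helper: returns human-readable warnings, empty when nothing stands out.
function reviewSigningRequest(typedData, signer, requestOrigin, trustedOrigins) {
  const findings = [];
  if (typedData.primaryType !== "OrderComponents") return findings;
  const order = typedData.message;
  const me = signer.toLowerCase();
  if (!trustedOrigins.includes(requestOrigin)) {
    findings.push(`marketplace order requested by untrusted origin ${requestOrigin}`);
  }
  if (order.offerer.toLowerCase() !== me) return findings;
  const nfts = order.offer.filter((i) => NFT_ITEM_TYPES.has(Number(i.itemType)));
  if (nfts.length > 1) {
    const collections = new Set(nfts.map((i) => i.token.toLowerCase()));
    findings.push(`one signature offers ${nfts.length} NFTs from ${collections.size} collection(s)`);
  }
  // Assumed heuristic: sum the native/ERC20 amounts the order pays back to the signer.
  const paidToSigner = order.consideration
    .filter((c) => Number(c.itemType) <= 1 && c.recipient.toLowerCase() === me)
    .reduce((sum, c) => sum + BigInt(c.endAmount), 0n);
  if (nfts.length > 0 && paidToSigner === 0n) {
    findings.push("signer receives no payment for the offered NFTs");
  }
  return findings;
}

// Constructed sample data (addresses and origins are placeholders, not from the incident).
const SIGNER = "0x1111111111111111111111111111111111111111";
const OTHER = "0x2222222222222222222222222222222222222222";
const ZERO = "0x0000000000000000000000000000000000000000";
const COLL_A = "0xaAaAaAaaAaAaAaaAaAAAAAAAAaaaAaAaAaaAaaAa";
const COLL_B = "0xbBbBBBBbbBBBbbbBbbBbbbbBBbBbbbbBbBbbBBbB";
const nft = (token, id) =>
  ({ itemType: 2, token, identifierOrCriteria: id, startAmount: "1", endAmount: "1" });
const pay = (recipient, wei) =>
  ({ itemType: 0, token: ZERO, identifierOrCriteria: "0", startAmount: wei, endAmount: wei, recipient });
const makeOrder = (offer, consideration) =>
  ({ primaryType: "OrderComponents", message: { offerer: SIGNER, offer, consideration } });

const bulkOrder = makeOrder([nft(COLL_A, "1"), nft(COLL_A, "2"), nft(COLL_B, "7")], [pay(OTHER, "1")]);
const listing = makeOrder([nft(COLL_A, "1")], [pay(SIGNER, "1000000000000000000")]);
const TRUSTED = ["https://opensea.io"];

console.log(reviewSigningRequest(bulkOrder, SIGNER, "https://site.invalid", TRUSTED));
console.log(reviewSigningRequest(listing, SIGNER, "https://opensea.io", TRUSTED));
```

The constructed bulk order trips all three warnings, while the single-item listing requested from the trusted origin and paying the signer returns none.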


Meanwhile, foobar noted that most of the stolen assets were well above the floor price, which means that the amount stolen could be as high as $2 million.

Quit urged that OpenSea users “need to run away” from any other website that prompts users to sign something that looks suspicious.

NFTs on the move

On-chain analyst “ZachXBT” shared a transaction map with his 350,300 Twitter followers, which shows that the exploiter sent the assets to FixedFloat — a cryptocurrency exchange on the Bitcoin layer-2 “Lightning Network.”

The exploiter then transferred the funds into Bitcoin (BTC) before depositing the BTC into a Bitcoin mixer.

Crypto Twitter member “Degentraland” told their 67,000 Twitter followers that it was the “saddest thing” they have seen in the cryptocurrency space to date, adding that if anyone can come back from such a devastating exploit, “it’s him.”

Meanwhile, Bankless founder Ryan Sean Adams was enraged at the ease with which Rose was exploited. In a Jan. 25 tweet, Adams urged front-end engineers to pick up their game and improve user experience (UX) to prevent such scams from taking place.


