Josh Chavez took to Twitter to share the sad story of a dangerous scam that targeted him. The fraudsters used an old technique: an infected file hidden among documents attached to an email message.
On Jan. 19, 2022, Josh M. Chavez, an American digital artist, announced that scammers stole all tokens and NFTs from his on-chain crypto wallet MetaMask.
Today my MetaMask was drained and NFTs sold, all within a few minutes.
Never thought it would happen to me as I live on the internet and can spot scams a mile away, but today I forgot to double check one small detail: 🧵
The artist revealed that he had been contacted by a potential client via direct messages on Instagram. The “customer's” account was mass-followed by bots, but Chavez decided to ignore this fact.
The stranger ordered cover art for their soon-to-be-released song. Chavez asked them to send details of the request, including information about the release, budget, concept, references and so on. All these details were sent to Chavez by email.
The scammer, using the name “Oscar Davies,” sent the documents; one of them was labelled as a .pdf but actually had the .exe filename extension. Files with the .exe extension are executable programs that run when opened.
Once the file was opened, it was immediately bound to Chrome, the browser in which MetaMask wallets are integrated. In the blink of an eye, it drained tokens from MetaMask and sold all NFTs at auction for a tiny fraction of their real prices.
Chavez highlights that the social engineering was masterfully executed; despite his expertise, he failed to notice the red flags:
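The mismatch described above, a file presented as a .pdf that is really an .exe, can be caught before opening by comparing the extensions in the file name with the file's leading bytes. The following is an added example, not part of the original article; the function name, the extension lists and the sample attachments are constructed for illustration.

```python
"""Flag e-mail attachments that pose as documents but are Windows executables."""
from pathlib import PureWindowsPath

# Extensions Windows will run directly (illustrative subset, not exhaustive).
EXECUTABLE_EXTS = {".exe", ".scr", ".com", ".pif", ".bat", ".cmd", ".vbs", ".lnk"}
# Extensions a recipient expects to be passive documents.
DOCUMENT_EXTS = {".pdf", ".doc", ".docx", ".xls", ".xlsx", ".jpg", ".png", ".txt"}


def inspect_attachment(filename: str, data: bytes) -> list[str]:
    """Return findings for one attachment; an empty list means nothing was flagged."""
    findings = []
    # Windows ignores trailing dots and spaces, so normalise before parsing.
    cleaned = filename.rstrip(". ")
    suffixes = [s.strip().lower() for s in PureWindowsPath(cleaned).suffixes]
    final_ext = suffixes[-1] if suffixes else ""

    is_pe = data[:2] == b"MZ"            # DOS/PE header used by .exe files
    is_pdf = b"%PDF-" in data[:1024]     # PDF header must appear near the start

    if final_ext in EXECUTABLE_EXTS:
        findings.append("executable-extension")
        # A document extension earlier in the name is a decoy: "x.pdf.exe".
        if any(s in DOCUMENT_EXTS for s in suffixes[:-1]):
            findings.append("document-decoy-extension")
    if is_pe and final_ext not in EXECUTABLE_EXTS:
        findings.append("pe-content-mismatch")   # program bytes, harmless name
    if final_ext == ".pdf" and not is_pdf:
        findings.append("not-a-pdf")             # claims PDF, lacks PDF header
    return findings


# Constructed sample attachments (names and bytes are made up for this example).
SAMPLES = {
    "cover_art_brief.pdf.exe": b"MZ\x90\x00\x03\x00\x00\x00",
    "budget.pdf": b"MZ\x90\x00\x03\x00\x00\x00",
    "references.pdf": b"%PDF-1.7\n%\xe2\xe3\xcf\xd3\n",
    "concept.png": b"\x89PNG\r\n\x1a\n",
}

if __name__ == "__main__":
    for name, blob in SAMPLES.items():
        result = inspect_attachment(name, blob)
        print(f"{name:28} {'BLOCK' if result else 'ok':6} {', '.join(result)}")
```

Windows Explorer hides known file extensions by default, so a name like the first sample is displayed without its final `.exe`; enabling "File name extensions" in Explorer makes the real extension visible.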
I live on the internet and can spot scams a mile away, but today I forgot to double check one small detail (…) I was not only in a rush, this was a routine thing – something I’ve complacently done many times on end with clients
As covered by U.Today previously, prominent figures in the NFT market were targeted by sophisticated scam campaigns in Q4 2022 – Q1 2023. In November, attackers hacked the social media of Greg Solano, the founder of BAYC, and started spreading phishing links.
Amid the euphoria around the FIFA World Cup in Qatar, scammers managed to pass Twitter security checks and promoted a fake Binance x Cristiano Ronaldo NFT airdrop.