Skip to content Skip to sidebar Skip to footer

The renowned Korean NFT animator DeeKay Kwon has had their Twitter account hacked and exploited to perform a phishing attack early Friday morning.
A hacker has compromised the Twitter account of the famous NFT artist DeeKay Kwon to execute a phishing attack on his followers.
The incident occurred early Friday morning when a hacker compromised the Korean animator and NFT creator DeeKay Kwon’s Twitter account to post a phishing link to a fake website. The post lured Kwon’s followers into signing transactions from a malicious smart contract by announcing he was launching a new, exclusive NFT collection. “The LetsWalk Collection Airdrop is now live! Only 1,000 lucky people are able to claim! Good luck!” the message posted on DeeKay’s compromised Twitter profile with over 179,800 followers read.
The hacker included a link to a fake website miming DeeKay’s official frontend. The phishing site instructed the victims to claim the malicious NFTs, but when the victims agreed to the claim, they inadvertently approved a transaction that granted the attacker access to their wallets. From there, the attacker was able to steal valuable NFTs from the victims’ wallets.
According to on-chain data, the attacker began their looting at around 03:43 CET this morning, ultimately pocketing about 65 NFTs from multiple victims before Kwon could retrieve his Twitter account and delete the malicious post. The attacker seems to have been able to sell between $80,000 and $91,000 of NFTs and has since transferred the ETH proceeds to another wallet. They still hold about 50 stolen NFTs worth around $52,000.
Approximately five hours after the attack began, Kwon commented on the incident on Twitter, saying that he got his account back and apologized for the event. “I got my account back. Apologies for this ugly event, and a sincere thank you to everyone who helped to inform others,” he said, adding that he was panicking for hours due to the incident. He also asked anyone affected by the phishing scam to comment on his post in order to connect and collaborate on a potential solution.
One of the victims who commented, going under the pseudonym CryptOmid.eth, said they were one of the people who got phished, losing four Cool Cats and three Azuki NFTs. “I clicked the sign button twice before I realized this seems shady,” the victim, who seems to be working as an engineer at Coinbase, explained in a related comment
Phishing attacks like today’s seem to be becoming increasingly common in the crypto space. Only four days ago, on July 11, a hacker stole approximately $8.6 million in crypto assets in a phishing attack targeting Uniswap liquidity providers. The way both attacks were conducted is strikingly similar.
Disclosure: At the time of writing, the author of this piece owned ETH and several other cryptocurrencies.
The information on or accessed through this website is obtained from independent sources we believe to be accurate and reliable, but Decentral Media, Inc. makes no representation or warranty as to the timeliness, completeness, or accuracy of any information on or accessed through this website. Decentral Media, Inc. is not an investment advisor. We do not give personalized investment advice or other financial advice. The information on this website is subject to change without notice. Some or all of the information on this website may become outdated, or it may be or become incomplete or inaccurate. We may, but are not obligated to, update any outdated, incomplete, or inaccurate information.
You should never make an investment decision on an ICO, IEO, or other investment based on the information on this website, and you should never interpret or otherwise rely on any of the information on this website as investment advice. We strongly recommend that you consult a licensed investment advisor or other qualified financial professional if you are seeking investment advice on an ICO, IEO, or other investment. We do not accept compensation in any form for analyzing or reporting on any ICO, IEO, cryptocurrency, currency, tokenized sales, securities, or commodities.
See full terms and conditions.
Join more than 100,000 subscribers

source

Leave a comment