9Tales, the play-to-earn NFT card game project, has tracked the hacker behind over $10 million worth of scams. In a remarkable Medium article and corresponding Twitter thread, they have detailed the crazy tale behind the investigation. In a story straight from Hollywood that includes searching photographs, the FBI, contact with the hacker, and much more, this is how they found the hacker.
Why did 9Tales go after a hacker?
On April 18th, someone hacked the 9Tales Discord with over 20 thousand members. One of the admins was compromised, and a fake minting page appeared in the Discord. This was a quick and clever hack, and they stole NFTs that they went on to sell for 33 ETH.
Upon finding out about the hack, 9Tales was shocked and immediately launched an internal audit and investigation to find out how it happened. Significantly, the team also promised to reimburse all the victims of the scam. They have refunded over 37 ETH to the people scammed in their Discord.
The audit by 9Tales raised some serious questions about security and led them to realise that the hack was through a phishing Discord invite.
One of the admins was compromised, and after making sure he wasn’t the hacker, they moved on to the next stage. According to the Medium article, they spent a long time trying to find clues about the hack.
“This sent us through a rabbit hole for 48h. We exhausted many leads, looking through on-chain transactions and off-chain clues. While doing that, one of our co-founders went into our logs and found a discord ID that got a mod role during our hack,” 9Tales wrote.
9Tales contacts the hacker
The 9Tales team contacted the Discord ID they found, and surprisingly, they got a message back straight away. He quickly confirmed that he was the hacker behind the Discord scam. Surprisingly, he had more to confess. In fact, the hacker said he had stolen more than 10 million dollars from more than 50 NFT projects.
Furthermore, he sent screenshots of one of his crypto portfolios, with over $1 million. He also wanted to talk about previous projects he had scammed and named various projects.
Significantly, he claims he did a lot of these scams with the help of someone on the inside of the projects. He said that he and his friends stole over $10 million from various NFT projects in one conversation.
Notably, Twitter NFT scam detective zachxbt has mapped out a diagram of the hacker’s trail. One of the hacker’s wallets contains $3.9 million.
The hacker slips up
Weirdly, the hacker also sent an image to 9Tales that appears to show his location and mock the team. Eagle-eyed members of the 9Tales team noticed something in the photo’s background.
“In the corner of the picture, there is a towel, and on the side of this towel, spanning just a few pixels, there is the name of a sort of hotel”.
Using the hotel’s name, they appeared to find somewhere with a similar background, including trees and nature, on Google Street View.
Using the hacker’s greed to gain more information, 9Tales kept contacting him. Incredibly, the hacker tried to talk the co-founder into helping him hack 9Tales. The co-founder of 9Tales ended up on a voice call with the hacker.
The 9Tales team believed they had enough information to get the authorities involved. They contacted the local police and waited for a response.
Police and FBI get involved in NFT hacking scam
Although he wasn’t showing his face, the scammer and 9Tales had several video calls. The background of the video confirmed to the team that the hotel they found was the place he was staying. They called the local police, and eventually, after much persuasion, they sent an officer to investigate.
The office confirmed that people were staying at the hotel, had taken their identification info, and that one matched the description.
In an amazing turn of events, the co-founder of 9Tales was actually on a video call with the hacker when the police arrived. “Funnily enough, our co-founder was in a video call with the scammer when the officer was looking for him. We have a recording of the scammer wondering why a police officer was looking around. Unbeknownst to him, the officer was sent by us!”
Unfortunately, the police didn’t manage to find any more details, and the investigation came to a halt. At this point, the 9Tales team contacted the FBI to tell them about the hacker.
However, the hacker was still conducting scams and earning millions. He told the 9Tales co-founder that he was involved in the TicketTools bot hack, which affected many big discord servers like BAYC, Doodles, etc.
What next for the 9Tales hacker investigation?
The FBI didn’t seem too interested, and the scammer is still robbing and hacking. This is a dangerous man, working with others to steal millions for people. You would think the authorities would be more involved for such a significant amount of money.
Unfortunately, 9Tales believes they have now exhausted all of their options now and cannot continue the investigation.
At this point, the 9Tales team believes that the best thing they can do to stop the hacker is to go public. In addition, they hope that others will take up the challenge to find and build up a strong case against the hacker.
“If any person, trusted in the space or competent, believes he can help speed up this investigation and would like to verify our claims, we invite you to contact us, and we will be happy to share our documents with you once an NDA is signed”, 9Tales said.
Finally, one thing is for sure, this hacker likes to be noticed. Numerous times, he has revealed details about himself and his location. He has also shown huge amounts of information about his actions and the people he works with.
Hopefully, now the information is public, someone will find enough to connect the dots on this notorious hacker.