Moonbirds NFT founder Kevin Rose is the latest victim of a phishing hack leading to over $2 million in losses. On Wednesday, the PROOF collective founder sent tweets stating his personal wallet was hacked. The total number of NFTs that Kevin Rose lost is around 40, including 25 Chromie Squiggles and other rare collectibles. Read on to learn more about the incident below.
How Did Kevin Rose Lose $2 Million Worth of NFTs?
It is being said that Kevin Rose was “phished into signing a malicious signature that allowed the hacker to transfer a large number of high-value tokens.” – according to fellow PROOF VP Arran Schlosberg. Rose signed an off-chain signature that created a listing for all of his OpenSea approved assets in one go. In the tweet announcing the hack, Kevin Rose warns his followers not to purchase any Chromie Squiggles, an iconic project from Art Blocks founder Snowfro.
Around 40 major NFTs are lost as a result of this hack. Some of these include projects such as Cool Cats, OnChainMonkeys, Chromie Squiggles, Autoglyphs, QQL Mint Pass, Admit One Pass, and more. Arran also states that the hacker tricked Kevin Rose with a classic case of social engineering. To clarify, Kevin Rose was duped into a false sense of security and signed malicious transactions that were then accepted by OpenSea’s marketplace contract.
He also adds that PROOF collective digital assets are safe and unaffected by the hack. This is because PROOF NFTs require multiple approvals for access. The team states they are actively investigating the issue with the OpenSea and Ledger anti-fraud teams. Furthermore, @cxcoda (PROOF engineer) has submitted code to shut down access to the malicious website on Metamask. The shutdown will be effective globally within 24 hours.
What’s Happening with NFT Hacks?
Kevin Rose is the latest in a string of phishing scams targeting major NFT/web3 builders. On January 7th, Nike RTFKT COO Nikhil Gopalani lost around $137K in NFTs due to phishing attacks. NFT Twitter has been exploding with support and even rage against the prominent scams in the industry. Top degen @Degentraland has called this the “saddest thing” they’ve seen to date.
Crypto detective @ZachXBT states that the scammer also stole 75 ETH from another victim around the same time. The stolen funds move from there to FixedFloat, where the scammer swaps his ETH for Bitcoin before they deposit into a bitcoin mixer. There are also reports that this is the same scammer who also stole a CryptoPunk #6982 earlier this week.
Additionally crypto detective @0xQuit says that SeaPort approved the off-chain malicious signature. The SeaPort protocol allows builders to build powerful tools, and offers more flexibility for traders to buy and sell NFTs. This protocol powers OpenSea, but can be used anywhere. Quit states “At its core, seaport allows you to create a listing consisting of an asset or bundle of assets (offer items), along with assets required to fulfill it (considerations).” Seaport scammers sometimes may try and reverse engineer this loophole into draining wallets still connected to the site. Quit warns that users must always be wary of any account they use to interact with websites. More details on this type of wallet drain can be found in his twitter thread.
