Popular NFT thought leader NFT God claims to have lost a “life-changing amount” of NFTs. On January 14th, the influencer announced that his entire digital livelihood was “hacked and used to hurt others”. NFT God is the latest victim of crypto scammers. The frauds also sent out malicious emails to around 16,000 of his closest followers. Learn more about the incident below.
NFT God Hack: How Did it Happen?
NFT God claims that a sponsored advertisement link led to this hack. This specific link contains malware that then allowed hackers access into NFT God’s system. The influencer then lost access to Twitter, Substack, Gmail, Discord, and wallet accounts, due to the hack. This further led to the anonymous crypto builder losing almost all his digital assets and collateral damage to his closest followers.
NFT God states that they used their Ledger as a hot wallet rather than a cold wallet. Therefore, this left them open to hacks. To be specific, they entered the seed phrase in a way that “no longer made it a cold wallet.” This in turn grants access to hackers to users’ NFTs and crypto. Therefore, the malicious software got into the system due to NFT God clicking on a fake download link. NFT God was trying to download the popular video streaming software OBS, and clicked on one of the sponsored ad links, instead of the official link.
The influencer aimed to live-stream a video game for the first time, via the (installed) OBS software. However, a couple of hours after the installation, Twitter user Klopp.eth notified NFT God of the strange activity.
The NFT influencer found out about the hack because a series of phishing tweets were sent out via two of NT God’s accounts. Furthermore, the scammers sent two malicious emails to 16,000 of NFT Gods Substack subscribers. This further caused damage to over a year of work and community trust.
The data suggests that the hacker stole 19 ETH (~$30,000) and a Mutant Ape NFT, among several other assets. The hacker unloaded the crypto/NFTs onto multiple wallets before swapping them on FixedFloat for other cryptocurrencies.
Malware on Google Ads
NFT God, like many others in the crypto community is a victim of malware-targeting software in Google Ads. Cybersecurity firm Cyble mentions “Rhadamanthys Stealer” which is the malicious software spreading through Google ads. The software runs a program with a ‘trojan horse’, after which the mnemonic of the encrypted asset is connected to the Internet on the computer. This then makes it easy for the hackers to steal data from the system.
After the phishing attack, they have expressed regret in their decision to not immediately buy a cold wallet, but also states that buying a cold wallet may have not made much of a difference. They state that people must be careful with every single thing they do on the internet. To stay safe from hacks and scams check out our articles on NFT security and safety.