NFT celebrity hacked again, PROOF/Moonbirds founder loses nearly two million dollars worth of NFTs
PROOF/Moonbirds founder Kevin Rose stated early on the 26th that a wallet security vulnerability resulted in the loss of 25 "Chromie Squiggle" NFTs with a base price of 13.3 ETH each, due to social engineering.
I was just hacked, stay tuned for details – please avoid buying any squiggles until we get them flagged (just lost 25) + a few other NFTs (an autoglyph) …
— KΞVIN R◎SE (🪹,🦉) (@kevinrose) January 25, 2023
Table of Contents
Typical Phishing, Kevin Rose Falls Victim, PROOF Asset Security
Kevin Rose stated that he was hacked and retweeted a tweet from a senior technical member of the PROOF team explaining: "This is a typical phishing attack." Authorization has been promptly revoked upon discovery to prevent signature vulnerabilities.
Additional information: How to revoke using Etherscan?
They mentioned that the digital assets owned by the PROOF team are still secure and will soon disclose details; team members are also writing code to allow MetaMask to block malicious websites.
Kevin Rose urged everyone not to buy the assets that were stolen from him and has already collaborated with OpenSea to label them as stolen goods. Other stolen goods can be found here:
Wallet Segmentation for Risk Isolation
Renowned developer foobar suggested that the best approach to such risks is to segment wallets.
Kevin Rose has signed a contract with OpenSea to authorize NFT transfers, meaning that if a wallet signs a malicious contract, everything can be taken away. foobar emphasized the importance of isolating assets and transferring them to a dedicated wallet only when they are ready to be listed for sale.
Earlier this year, another NFT KOL – NFT God, also fell victim to a phishing attack and mistakenly downloaded malicious software, resulting in the loss of all NFTs and digital assets.
be super careful when signing anything, even offchain signatures. kevin rose just had ~$2 million worth of NFTs drained from his vault from signing one malicious seaport bundle. thankfully a couple things held back, like the punk zombie (1000 ETH) which can't be traded on OS pic.twitter.com/GXHR3NQHLf
— foobar (@0xfoobar) January 25, 2023
Related
- After OpenSea investigation, Magic Eden CEO: Happy to see regulations becoming clearer
- Private space company SERA launches NFTs on Base, buyers have the chance to ride Blue Origin into space.
- Formerly criticized for disappointment, NFT project Pixelmon fractures NFT IP: offering players royalty income