hacking. Disinformation. Surveillance. CYBER is a Motherboard podcast that reports on the dark lower abdomen of the Internet.
Hackers tricked JPEG collectors of apes and mutants (also known as NFTs) into controlling digital art and selling it for over $ 500,000.
On Monday, Twitter users using larrylawliet (handle @iloveponzi) said they had lost all their digital art and sought help. According to cryptocurrency specialists, hackers or scammers have tricked Larry Lauriet into approving his wallet to interact with the hacker’s wallet. This type of fraud and hacking is becoming more and more common in the cryptocurrency world. Especially now that NFTs are worth hundreds of thousands of dollars and even millions of dollars.
“Probably this is somehow a rogue dAPP [decentralized application] We present this approval transaction to the user wallet, “said Tal Be’ery, CTO of the crypto wallet app. ZenGo, Told the motherboard in an online chat.
Be’ery explained that when analyzing blockchain transactions, larrylawliet seemed to allow his NFT access to what appears to be a dAPP or decentralized app, perhaps to assist in trading images. The problem is that it wasn’t really a dApp, but a personal wallet that started ejecting all NFT’s larry lawliet wallets.
“Of course the problem is when you give permission (=” approval “) to a bad address,” he said.
Larrylawliet told Motherboard that his hack was part of the hacking fallout of the Moshi Mochi NFT project. “Today, our discord is in jeopardy,” said Moshimochi’s Twitter account. Tweet on monday.. In this project, he explained that hackers were able to direct the official Discord channel and direct users to fake websites. According to Moshi Mochi, project members have lost 35 ETH.
But it was even worse for larrylawliet, who said in an online chat that he was fooled by a hacker sending a fake link through an official announcement telling users that he could create a final round of NFTs. That was what they clicked on and was hacked when they gave permission to the attacker.
Is there any other information about similar hacks? Or are you investigating vulnerabilities in cryptocurrencies and their networks? We look forward to hearing from you. Lorenzo Franceschi-Bicchierai can be securely contacted by Signal (+1 917 257 1382, Wickr / Telegram / Wire @lorenzofb) or email lorenzofb @ vice.com.
Hackers stole 7 NFTs from larry lawliet. According to blockchain records: 1 from Bored Ape Yacht Club, 5 from Mutant Ape Yacht Club, 1 from Doodle. Other victims have lost four Doodle NFTs. Hackers then sold NFTs for a total of just under $ 700,000 (The boring apes of larry lawliet were sold 100 ETH, or $ 275,000). Larrylawliet claimed that the hacker was selling a stolen NFT. According to him, NFTs could have sold for 1,000 ETH, or $ 2.7 million. “Hackers don’t want to sell, so they want to sell as soon as possible. [get] It’s locked by OpenSea, “he said.
In fact, NFTs are currently listed as “frozen” in OpenSea.
According to blockchain records, the attacker’s wallet has moved about $ 1.5 million worth of 600 ETH through tornado cash tumbling and mixing services, as confirmed by Be’ery.
This is the last of a seemingly endless and perhaps endless series of NFT robbers. last year, Hackers hijacked several accounts on the NFT Marketplace Nifty Gateway I stole thousands of dollars worth of digital art. Images from the boring Ape Yacht Club (BAYC) collection of luxury tiers are especially appetizing given their bloated value. In November, The hacker tricked the seller into giving up his ApeJPEG— Worth hundreds of thousands of dollars — Free. And it was a small haul. Earlier this year Scammers stole about $ 2.3 million worth of boredom and mutant apes From the owner of Manhattan: Chelsea Art Gallery.
Over and over again, the ecosystem of NFTs and their surroundings Unique vulnerabilities that occur For centralized systems that interact with decentralized assets, and the vigilance required by users.
Subscribe to the Cyber Security Podcast, cyber-..apply New Twitch channel..
