Summary:
- DeFi hackers exploited digital artist Beeple’s Twitter account back in May.
- The attackers deployed phishing links to unsuspecting users and stole over $450,000 in non fungible tokens and other crypto assets.
- The exploit from Beeple’s Twitter account alone was around 225 Ether.
- On-Chain investigator ZachXBT opined on the involvement of three individuals.
- Zach’s findings also said the hackers tapped Tornado Cash and FixedFloat to move their illicit gains
Decentralized (DeFi) hackers reportedly leveraging phishing strategies to rake in over $450,000 in profits after hacking Beeple’s Twitter account. The incident back in May 2022 involved the digital artist among several other handles that were compromised.
The self-proclaimed on-chain sleuth ZachXBT identified three individuals involved in the hack – Cam, Two1/Youssef, and Shayan. Zach is known on Twitter for his investigative threads on exploits, DeFi hacks, and other illicit crypto activities.
1/ Time for an investigation into the @beeple Twitter hack which resulted in $450k+ stolen, where those funds are now, and tracking down the three people responsible.
Let’s jump in.
Zach’s thread on Tuesday explained that Beeple’s account was compromised after one Cam sold Twitter panel access to other individuals – Two1 and Shayan. Beeple’s account and other handles were then used to launch a phishing attack against users.
3/ How did his Twitter account become compromised?
In a previous thread I shared how Cam Redman (SIM swapper) sold Twitter panel access to scammers which gave them access to accounts regardless of an account owners security.
Video (patched Aug 2022)https://t.co/NMlDB0EvCw https://t.co/F5uoQsCwCc pic.twitter.com/Wbl48S4crF
The link drained victims of their NFTs and other digital assets, per Zach’s finding. According to the thread, the haul from Beeple’s account alone yielded over 225 ETH for the defi hackers. At the time, the proceeds were worth an estimated $450,000.
The valuation is now under $310,000 at press time since the slump in crypto prices. Ether is also trading lower at around $1350.
Funds from the exploit have been moved through sanctioned Ethereum-based mixer Tornado Cash and crypto exchange fixed float. Zach tweeted that the hackers used similar patterns when transferring the stolen Ether.
The on-chain sleuth also pointed out that two of the phishing scammers are connected to previous attacks on the Bored Apes Otherside and Webaverse Discord channels.
7/ Interestingly the 0x2fc address belongs to a scammer known as Two1/Youssef. How do we know?
Well first the 0xcad address from Tweet 2 was funded by the same address who attacked the @OthersideMeta Discord.
In the attached thread I go in-depth to how it leads back to Two1 https://t.co/si6guYqdNC pic.twitter.com/vpPdHOAB2F
13/ The 25 ETH from the beeple hack was then moved from 0x702 to 0xf20 where it currently sits.
0xf2000037a148ea53d3f9c24f3b8607c847b60091 pic.twitter.com/6vMiL26mHN
DeFi Hackers Rake In $1 Billion+ In 2022
Crypto scams and hacks have seemingly risen within the digital asset industry as virtual currencies carved out a place on investment portfolios. EWN reported in August that DeFi hackers had stolen over $1 billion through phishing scams, attacks on defi protocols, and exchange exploits during 2022 so far.
Hackers have also targeted NFT projects like Bored Apes, going after their discord channels and community with phishing links in a bid to steal assets.
Source: Read Full Article
-
Ethereum Starknet Launches Testnet For 'Quantum Leap' Upgrade
-
Tornado Cash co-founder reports being kicked off GitHub as industry reacts to sanctions
-
Crypto exploit losses in January see nearly 93% year-on-year decline
-
US senators drill into FTC’s work to track AI attacks on older citizens
-
Crypto Astrologist Maren Altman Takes Flak for Past Celsius Support