Quick Summary
- DeeKay Kwon is a renowned animator with a Twitter following of 180k. Last week his Twitter account was hacked, and subsequently, many of his followers were scammed. Despite him intervening quickly, his followers were robbed of digital items worth $150,000.
Related: NFT Scam – All you should know about it and how to beware of it
DeeKay’s Twitter account got hacked
So how it all came to be? The hacker posted a phishing link to a website with a message that says, “The LetsWalk Collection Airdrop is now live! Only 1,000 lucky people are able to claim! Good luck!”. The victims of this trap clicked the link and tried minting free NFTs by linking their wallets to Web 3. As soon as they signed the transaction, all their NFTs in the connected wallet were transferred to the hacker’s wallet.
Apparently, the hacker has been preparing well for this attack, as he cloned DeeKay’s website to look exactly the same, except for a minor change in the URL. The website was created around two weeks before the attack. Interestingly, the hacker has been observing DeeKay’s pattern of activity on Twitter closely, and he attacked when he was least expected to come online. Kwon realized something was off when someone asked him why 2FA on his web was turned off, and he had no clue about it whatsoever.
Clearly, Kwon was not the hacker, as he has already started the process to compensate for the losses of the victims. But it won’t be enough to fill the void because next time he’ll have a hard time convincing people even if the mint is real. His fans are defending him saying it was not entirely his fault, instead, he was a victim himself. Also, those who tried minting must know that he would never go for a stealth drop. A stealth drop is one that has no prior marketing or announcements. Also connecting the wallet to a phishing website without verifying the URL is never a good idea.
Conclusion
Though the largest hacks in the crypto space are conducted through an exploit of a smart contract code, stealing digital assets through phishing campaigns can’t be dismissed. Because this isn’t by far a single event. A few days before this exploit, Uniswap, one of the best DeFi exchanges, also suffered from a phishing campaign where around $8.6 million was stolen. The attack targeted Uniswap liquidity providers. The nature of these two attacks is similar.
more to read
Opensea Hacked And Users Lost NFTs
What’s Rug Pull Or A Crypto Scam
Follow NFT World News: Twitter, Instagram, Telegram, Tiktok, Youtube, Twitch
author: Tatiana Cernochova
Disclaimer: This article is provided for informational purposes only. It is not offered or intended to be used as legal, tax, investment, financial, or other advice.
Disclaimer: This article is provided for informational purposes only. It is not offered or intended to be used as legal, tax, investment, financial, or other advice.
