- The renowned animator and NFT artist DeeKay Kwon had his Twitter account with over 179,800 followers hacked earlier this morning.
- The hacker published a link to a phishing website instructing users to approve a malicious transaction under the pretense of claiming an exclusive NFT drop from the artist.
- After the victims approved the transaction, the hacker drained their wallets, stealing approximately $150,000 worth of NFTs from multiple victims.
The renowned Korean NFT animator DeeKay Kwon has had their Twitter account hacked and exploited to perform a phishing attack early Friday morning.
DeeKay Twitter Followers Phished for Over $150,000
A hacker has compromised the Twitter account of the famous NFT artist DeeKay Kwon to execute a phishing attack on his followers.
The incident occurred early Friday morning when a hacker compromised the Korean animator and NFT creator DeeKay Kwon’s Twitter account to post a phishing link to a fake website. The post lured Kwon’s followers into signing transactions from a malicious smart contract by announcing he was launching a new, exclusive NFT collection. “The LetsWalk Collection Airdrop is now live! Only 1,000 lucky people are able to claim! Good luck!” the message posted on DeeKay’s compromised Twitter profile with over 179,800 followers read.
The hacker included a link to a fake website miming DeeKay’s official frontend. The phishing site instructed the victims to claim the malicious NFTs, but when the victims agreed to the claim, they inadvertently approved a transaction that granted the attacker access to their wallets. From there, the attacker was able to steal valuable NFTs from the victims’ wallets.
According to on-chain data, the attacker began their looting at around 03:43 CET this morning, ultimately pocketing about 65 NFTs from multiple victims before Kwon could retrieve his Twitter account and delete the malicious post. The attacker seems to have been able to sell between $80,000 and $91,000 of NFTs and has since transferred the ETH proceeds to another wallet. They still hold about 50 stolen NFTs worth around $52,000.
Approximately five hours after the attack began, Kwon commented on the incident on Twitter, saying that he got his account back and apologized for the event. “I got my account back. Apologies for this ugly event, and a sincere thank you to everyone who helped to inform others,” he said, adding that he was panicking for hours due to the incident. He also asked anyone affected by the phishing scam to comment on his post in order to connect and collaborate on a potential solution.
One of the victims who commented, going under the pseudonym CryptOmid.eth, said they were one of the people who got phished, losing four Cool Cats and three Azuki NFTs. “I clicked the sign button twice before I realized this seems shady,” the victim, who seems to be working as an engineer at Coinbase, explained in a related comment.
Phishing attacks like today’s seem to be becoming increasingly common in the crypto space. Only four days ago, on July 11, a hacker stole approximately $8.6 million in crypto assets in a phishing attack targeting Uniswap liquidity providers. The way both attacks were conducted is strikingly similar.
Disclosure: At the time of writing, the author of this piece owned ETH and several other cryptocurrencies.
The information on or accessed through this website is obtained from independent sources we believe to be accurate and reliable, but Decentral Media, Inc. makes no representation or warranty as to the timeliness, completeness, or accuracy of any information on or accessed through this website. Decentral Media, Inc. is not an investment advisor. We do not give personalized investment advice or other financial advice. The information on this website is subject to change without notice. Some or all of the information on this website may become outdated, or it may be or become incomplete or inaccurate. We may, but are not obligated to, update any outdated, incomplete, or inaccurate information.
You should never make an investment decision on an ICO, IEO, or other investment based on the information on this website, and you should never interpret or otherwise rely on any of the information on this website as investment advice. We strongly recommend that you consult a licensed investment advisor or other qualified financial professional if you are seeking investment advice on an ICO, IEO, or other investment. We do not accept compensation in any form for analyzing or reporting on any ICO, IEO, cryptocurrency, currency, tokenized sales, securities, or commodities.
See full terms and conditions.
Uniswap Liquidity Providers Hit for $8.6M in Phishing Scam
On-chain data indicates that most of the losses were incurred by a single Ethereum wallet providing liquidity to Uniswap. Uniswap Liquidity Providers Phished for $8.6 Million A hacker has stolen…
OpenSea NFT Hack Exposes Web3 Self-Custody Risks
The hacker stole hundreds of high-value NFTs from sought-after collections like Bored Ape Yacht Club, Azuki, and NFT Worlds. OpenSea Users Targeted in NFT Hack A hacker stole millions of…
Bored Ape NFT Thief Steals $2.7M in Instagram Hack
The hacker stole 91 NFTs, including 14 Bored Ape Yacht Club-affiliated NFTs. Bored Ape Yacht Club Instagram Hacked Yet more Bored Ape Yacht Club members have lost their high-value NFTs…
Beginner’s Guide: How to Safeguard Your NFT Collection Against H…
Crypto Briefing shares a list of operational security best practices for safeguarding your NFTs. Security Tips For NFT Collectors In 2021, NFTs exploded into the mainstream. The market for non-fungible…