The new 2023 has already become the synonym for the revival of the whole NFT industry with only positive news on the agenda. But amidst the overwhelming thaw after the prolonged period of stagnation, most market players have relaxed, enjoying the warm beams of blockchain. Thus, having let his guard down, the CEO and co-founder of the NFT collective PROOF behind the blue-chip Moonbirds collection, Kevin Rose, fell victim to a phishing attack. As a result of the malicious actions, namely of his personal wallet had been hacked, the NFT degen lost around 40 blue-chip assets, including 25 Chromie Squiggles, Cool Cats, OnChainMonkeys, Autoglyphs, QQL Mint Pass, Admit One Pass, and others. The total evaluation of NFTs phished is said to reach more than $1 million!
The sad news was published by Rose via a tweet of January 26th that reads: “Today I was phished. Tomorrow we'll cover all the details live, as a cautionary tail, on Twitter spaces. Here is how it went down, technically…”
To help investigate the attack, Kevin’s fellow PROOF VP Arran Schlosberg posted a series of publications, supposing the possible actions that led to the NFT drain. According to Arran, Rose “was phished into signing a malicious signature that allowed the hacker to transfer a large number of high-value tokens.” Additionally, Arran Schlosberg states that his colleague was tricked with a classic case of social engineering. In other words, misled by a false sense of security, Rose signed malicious transactions that were later accepted by OpenSea.
Thus, Rose made a mistake, having signed an off-chain signature that created a listing for all of his OpenSea-approved NFTs at once. In the long Twitter thread devoted to the phishing, the PROOF founder warns his followers not to purchase any of the blue-chip Chromie Squiggles NFTs by Art Blocks founder Snowfro.
To calm down the PROOF community, Kevin Rose added that all NFTs under the brand are highly secured and didn’t fall victim to the hack as they require multiple approvals for access.
Currently, the investigation of the phishing attack is ongoing with top OpenSea and Ledger anti-fraud teams engaged in the matter. We hope the guys will find the hacker and bring the valuable NFTs back to Rose’s wallet. Stay safe and tuned!