Yesterday, Moonbirds’ creator got hacked! In detail, Kevin Rose who is also the founder of Proof_XYZ was phished! He was tricked into signing a malicious signature that allowed the hacker to transfer a large number of high-value tokens from his balance. Here is how it happened!
Moonbirds’ Creator Got Hack: How Did This Happen?
Unfortunately, the unknown hacker was very meticulous while executing his phishing attack! In detail, Arran Schlosberg, vice president of engineering at Proof, described the incident as a ‘classic piece of social engineering’. Now, let’s get into how the Moonbirds’ creator got hacked.
The strategy? The Moonbirds’ creator got hacked because he was tricked into a false sense of security. Basically, the exploiter executed the hack by forging signatures accepted by OpenSea’s marketplace contract.
Furthermore, the dim light in this murky ordeal is that digital assets such as NFTs, Ethereum, and others owned by Proof remain unaffected after this attack. Why? They require multiple approvals for access. Smart!
NFT Analyst Foobar took to Twitter to further comment on the situation, he noted that most of the stolen assets were well above the floor price, which means that the amount stolen could be as high as $2 million…
be super careful when signing anything, even offchain signatures. kevin rose just had ~$2 million worth of NFTs drained from his vault from signing one malicious seaport bundle. thankfully a couple things held back, like the punk zombie (1000 ETH) which can't be traded on OS pic.twitter.com/GXHR3NQHLf
— foobar (@0xfoobar) January 25, 2023
Moonbirds’ Creator Got Hack: What Does Seaport Have To Do With This?
According to the prominent Twitter NFT Analyst Quit:
Kevin Rose was just lost $2m+ in assets by signing an off-chain signature that created a listing for all of his OpenSea approved assets in one go.
While seaport is a powerful tool, it can also be dangerous if you're not aware of how it works.
A bit of context 1/🧵
— quit (@0xQuit) January 25, 2023
After Moonbirds’ creator got hacked, Quit went on to explain that the Attacker set up a phishing site that was able to view the NFT assets held in Rose’s wallet.
After that, he set up an order to transfer all of Rose’s assets that are approved on OpenSea to himself.
Finally, Kevin Rose unknowingly validated the malicious transaction.
The Stolen Assets
After the Moonbirds’ creator got hacked, we resorted to Etherscan to find out what and which assets were stolen.
Unfortunately, at least 684.7 ETH worth of NFTs were stolen. This is equivalent to $1.1 million as I’m writing this article. And these include:
- At least one Autoglyph (Floor price of 345 ETH).
- 25 Art Blocks aka Chromie Squiggles (Worth a total of 332.5 ETH at least).
- 9 OnChainMonkey items (Worth 7.2 ETH at least).
- One QQL Mint Pass.
- One Admit One pass from Gmoney.
- One Cool Cat NFT.
- One The Currency NFT by Damian Hirst (Yes, the guy who lit paintings on fire).
- One Quantum Key.
Furthermore, after the Moonbirds’ creator got hacked, Kevin and the team discouraged the community from buying any Chromie Squiggles NFTs until they all get flagged!
I was just hacked, stay tuned for details – please avoid buying any squiggles until we get them flagged (just lost 25) + a few other NFTs (an autoglyph) …
— KΞVIN R◎SE (🪹,🦉) (@kevinrose) January 25, 2023
How Did The Community React After Moonbirds’ Creator Got Hacked?
Of course, as in every scam, hack, and attack, the Web3 community recites its condolences to the victim in hopes of them making a speedy recovery from the traumatic experience…
Saddest thing I've seen in crypto to date.@kevinrose wallet drained.
If anyone can come back from this, it's him. pic.twitter.com/HZysg34qji
— Degentraland (@Degentraland) January 25, 2023
so sorry to hear this
— medved (@mattmedved) January 25, 2023
Sorry to hear that Kevin 😔
— Elena🌸 (@ElenaaETH) January 25, 2023
Gutted for you. Best of luck in recovery.
— Josh Ong (@beijingdou) January 25, 2023
This is awful – I’m so sorry to hear that Kevin
— Hernan Lopez (@hernanlopez) January 26, 2023
devastated to hear this 😢
— seedphrase (@seedphrase) January 26, 2023
Now What?
Just earlier this month, we wrote about two other hack attacks! Remember when the COO of Nike’s NFT project RTFKT, and prominent NFT collector CryptoNovo were also attacked? When will this come to an end?
At the moment, Kevin and his team are working closely with the anti-fraud teams from Opensea and Ledger, and are ‘considering all avenues, including legal’. As they should!