On Sunday, May 22nd, popular NFT creator and 3D artist Mike Winkelmann (also known as Beeple), had his Twitter account hacked by bad actors in a phishing scam attempt. But the hack may have taken advantage of Beeple’s recent partnership with the Louis Vuitton luxury fashion outfit.
Recall that earlier in the month, Beeple had helped Louis Vuitton to design 30 non-fungible tokens NFTs for its mobile game “Louis The Game.” And while that was real, the tweets from Beeple’s Twitter account on Sunday may not have been.
The Hack
As called out by MetaMask security analyst Harry Denley, Sunday tweets by Beeple contained malicious links disguised as a fake Louis Vuitton NFT raffle. According to him, those links were in fact, phishing links that, once clicked, could empty the crypto wallets of users.
For more than five hours, the hacker was posting various phishing links on Beeple’s Twitter. They lured the victims by promising them free mints for rare and unique NFTs. And maybe convincingly enough, the victims were led to a fake Beeple collection.
Meanwhile, a quick view of the on-chain records of one of the scammers’ wallets shows that the first phishing link alone made them 36 Ethereum (ETH). That was worth roughly $73,000 at the time.
Another link that was posted within the period, also made the scammers close to 180 ETH. That’s another $365,000 worth of ETH. The same link also scored the scammers some high-value NFTs including VeeFriends, Mutant Ape Yacht Club (MAYC), and others.
As it turns out, Denley calculated a total of about $438,000 worth of digital assets, stolen from the hack.
Interestingly, Beeple would later tweet that he has gotten his account back. But he also seized the opportunity to warn his followers that subsequently, anything that sounds too good to be true, is probably a scam. And they must stay away from them.
Phishing Scam: Becoming A Menace
It is important to note that recently, there’s been a wave of phishing scams, especially around the world of NFTs. But this is as scammers attempt to make illegitimate money off of the NFT hype. In fact, cybersecurity firm Malwarebytes released a report in early May, claiming that the most common mode of operation of these scammers is the use of fraudulent websites disguised as legitimate platforms. In other words, phishing is their most common tactic.
Meanwhile, Beeple is not exactly new to this kind of attack. Back in November 2021, there was a similar hack on an admin account on Beeple’s Discord. And just like this time, the scammers were also promoting a fake NFT drop, leading users to lose around 38 ETH.
