$1.5 Million worth of Moonbirds NFTs are stolen by hackers in a phishing attack

29 Moonbirds worthy astir 750 Ethereum (ETH) ($1.5 million) were stolen from their owner, DigitalOrnithologist, during a phishing onslaught connected Tuesday. The unfortunate mislaid their NFTs aft accessing a phishing nexus supplied by a fraudster, according to a tweet by @CirrusNFT connected Wednesday morning.

29 Moonbirds were conscionable stolen successful a hack.

~750e (~$1,500,000) successful worth mislaid by clicking connected a atrocious link.

Sickening seeing worldly similar this. Let this beryllium a reminder to ne'er ever click connected links and to bookmark the marketplaces/trading sites that you use. pic.twitter.com/7iWO5LMovL

— Cirrus (@CirrusNFT) May 25, 2022

Moonbirds is an Ethereum NFT postulation of implicit 10,000 cartoon-style owls PFP’s (pictures for proof). Investors Holders are granted entree to the “PROOF community” and fixed the quality to “nest” their NFT owls to accrue rewards and aboriginal benefits.

Phishing is simply a societal engineering benignant of scam wherever attackers nonstop imaginable victims links to malicious sites that look to beryllium reputable websites for fiscal transactions. The unfortunate past enters delicate accusation into the tract oregon gives the tract entree to their fiscal details (wallets, slope details etc.,) and the attacker past steals the victim’s funds.

Twitter idiosyncratic @0xLosingMoney claims to person identified the idiosyncratic down the phishing attack. The idiosyncratic linked the scam to a idiosyncratic named @DVincent_, who has present deleted his account. @0xLosingMoney posted a screenshot of the relationship and the tract allegedly utilized by the hacker to bargain the 29 Moonbirds NFTs.

🚨Community Scam Alert @p2peers 🚨

➼ https://t.co/9cTRutiMbm was utilized by scammer (@Dvincent_) contiguous to bargain 29 MOONBIRD NFTS (>$700,000 USD).

➼ I've done my champion to find retired what happened on-chain and retrieved arsenic overmuch info arsenic I can.

Follow on with what I recovered 🧵👇 pic.twitter.com/lXRw6fgcCl

— Andeh #OnChain (@0xLosingMoney) May 25, 2022

Apparently, @DVincent_ approached the victim, offering to commercialized the NFTs done the p2peers.io website, which has present been taken down. The unfortunate went to the tract and approved the hacker’s wallet, enabling them to bargain the victim’s NFTs.

While determination are scarce details connected however the onslaught was carried out, it was astir apt a malicious transportation request. Some phishing attacks enactment by asking users to link their wallets and o.k. a circumstantial function. However, the relation that is being approved could beryllium a relation that allows an outer idiosyncratic to entree their wallet and transportation retired the contents.

Twitter idiosyncratic @CirrusNFT believes that the unfortunate whitethorn person been lured to a fake trading tract and tricked into signing a malicious transaction:

“Sounds similar the scammer linked the unfortunate to a fake trading tract and got him to motion a atrocious transaction.” @CirrusNFT said successful their tweet.

The NFT abstraction has experienced a batch of hacking and phishing attacks implicit the past fewer months. In February, the NFT marketplace OpenSea suffered a phishing onslaught wherever hackers stole NFTs worthy millions. In March, implicit $615 cardinal worthy of ETH was stolen from Axie Infinity’s Ronin Network.

NFT and crypto investors indispensable stay vigilant to support themselves from aboriginal phishing attacks. Links should ever beryllium verified, and users should not sojourn immoderate sites oregon link their wallets to them if they person immoderate doubts connected their authenticity.