Targeted phishing scam nets $438K in crypto and NFTs from hacked Beeple account

Sebastian Parker
Sebastian Parker
Last Updated on May 23, 2022

His Twitter account was hacked by Mike Winkelmann (better known as Beeple) as part of a phishing scheme.

Harry Denley, a security analyst at MetaMask alerted users to the fact that Beeple’s tweets that contained a link for a raffle of a Louis Vuitton NFT Collaboration were actually phishing scams that would drain crypto from users’ wallets if they clicked.

These scammers likely wanted to profit from a recent collaboration between Louis Vuitton and Beeple. Beeple had earlier in May designed 30 NFTs to be embedded as rewards for players in the luxury fashion brand’s mobile game “Louis The Game”.

The scammer posted phishing links to Beeple’s Twitter account, leading to fake Beeple collections, tempting unsuspecting users with a promise of a mint for unique NFTs.

Beeple’s Twitter account had phishing links up for about five hours. On-chain analysis of one scammers’ wallets showed that the first phishing hyperlink scored them 36 Ethereum ( ETH), which is approximately $73,000 at the time.

The scammers were able to get the second link for $365,000 in ETH and NFTs. This was from high-value collections like the Mutant Ape Yacht Club and VeeFriends. This brings the total amount of the scammers’ proceeds to $438,000.

On-chain data shows that the fraudster sold the NFTs through OpenSea, and then put their stolen Ethereum into a cryptocurrency mixer to try to conceal the gains.

Beeple tweeted later that he had regained his control and reminded his followers that “anything that seems too good to be true is a F*CKING SCAM.”

Related: We need a massive education project to combat hacks and scams

Beeple is the creator of three of the ten most costly NFTs, including the one that sold for $69.3million. This was the highest price ever paid to a single owner. Hackers have made Beeple a target.

A Beeple’s Discord admin account was hacked by scammers. They also promoted a similar fake NFT drop, which led to users losing approximately 38 ETH.

Malwarebytes, a cybersecurity company, released a report earlier this month that highlighted an increase in phishing attempts by scammers trying to cash in on NFT hype. Scammers use fraudulent websites that appear to be legitimate platforms as their most popular tactic, according to Malwarebytes.