The collector Larry Loulit had 13 non-fungible tokens (NFTs) stolen, with a total value of about $2.7 million.
\n\n\n\n
The attackers deceived victims into signing fake transactions to gain access to Loulit’s NFTs.
\n\n\n\n
Initially, the hackers gained control of the Moschi Mochi NFT collection’s Discord server and posted an announcement of the release of thousands of additional tokens.
\n\n\n\n
🚨Earlier today, our discord was compromised. This caused our community to take a loss of roughly 35E. If you are a project owner, please read to avoid any potential issues!
Here’s a thread of how it happened 🧵
— Moshi Mochi 🍡✨ (@MoshiMochiNFT) February 1, 2022
Loulit sent 0.49 ETH in exchange for 14 NFTs. Among the transactions for confirmation, attackers directed a phishing one that granted full access to the wallet.
\n\n\n\n
After the victim signed everything, the attackers drained Loulit’s NFTs. Among them were seven Bored Ape tokens, five Mutant Apes and one Doodle.
\n\n\n\n
Experts advise to always check the details and use wallets containing only a small amount of funds during such transactions to avoid similar incidents.
\n\n\n\n
Earlier, an unknown attacker stole three NFTs from the son of Animoca Brands’ cofounder, using a phishing link.
\n\n\n\n\n\n\n
Follow ForkLog’s Bitcoin news on our Telegram — cryptocurrency news, rates and analysis.
\n\n\n\n