It has been reported that the sudden attack and the money drain all took place within the span of 30 minutes. This is another grim day for the NFT community, with rampant attacks on multiple top founders and projects occurring one after the other.
However, on Friday afternoon, the official Twitter of NFT innovators Azuki was hacked. Project community manager Emily Rose confirmed the news on Twitter minutes after the hack took place. In the tweet, she warns users to not engage with or click on any of the malicious links posted on the account. The malicious tweet sent out a link asking followers to “claim land” in Azuki’s native “The Garden” metaverse.
The report said that the hacked tweets were deleted soon from the account, but managers still warned of clicking any malicious links. Although, all the damage control was in vain. This is because by this time, Azuki saw a wallet drain of over $750,000 USDC, 11 NFTs, and an added 3.9 ETH. This link sent users to sign a “drainer” contract to dupe them into losing control of their wallets and transferring NFTs to the hacker.
Likewise, project founder Hoshiboy also confirmed the hack, and explained that he is in talks with Twitter to resolve the situation. The 750K USD drain happened from one single account. The Azuki Twitter also states that the account is fully 2-factor authenticated. In the thread alerting the hack, the account also says that the project always sends out its official releases via ALL of its social media at once – Twitter, Discord, and the official Azuki website.
To add to this, crypto detective @ZachXBT claims this attack is one of a series of drains by a hacker known only as Lock. According to the crypto sleuth, Lock is the same hacker responsible for the compromise of Mutant Hounds, AKCB, and Chimpers Twitter accounts recently. Additionally, there are some who believe all of these may be inside jobs from Twitter itself.
Harry Denley from Metamask Security Research also caught on to the scam early and forced a domain block on the platform. He claims the hack may have taken place due to 3 key reasons:
· scenario a) password/cookie compromise.
· scenario b) twitter “god mode” – A program that allows Twitter staff to tweet from any account.
· scenario c) A malicious OAuth app.
Although, he claims “scenario a” is the most likely case. Phantom Wallet also blocked the domain on their platform soon after.
Thus, this is a strange time in crypto. The small but significant bull run is still steady. And yet there are a series of phishing attacks and hacks happening almost every day. There is an lack of security on the Twitter platform in general.
Source: NFT Evening