Theft of 29 Moonbirds belonging to DigitalOrnithologist.
Moonbirds NFT collectors were left devasted on Tuesday as a phishing effort resulted in the theft of 29 Moonbirds belonging to DigitalOrnithologist. Each Moonbird had a value of around 750 Ethereum (ETH), which is equivalent to $1.5 million. The victim is said to have lost their NFTs after clicking on a phishing link that was supplied by the con artist, as stated in a tweet that was sent by @CirrusNFT on Wednesday morning.
Moonbirds is an Ethereum NFT that has more than 10,000 PFPs of owls designed in a cartoonish manner (pictures for proof). Investors are provided with access to the “PROOF community” and are given the opportunity to “nest” their NFT owls in order to gain rewards and future benefits.
Phishing is a kind of social engineering fraud in which perpetrators send links to malicious websites that appear like they are legal financial transaction sites in an attempt to trick victims into providing sensitive information. The victim subsequently discloses private information on the website or gives the website access to their financial information (wallets, bank accounts, and so on), at which point the attacker steals the victim’s money.
The Identity of the Moonbirds Scammer has been Revealed
Twitter user @0xLosingMoney claims to have discovered the identity of the person who was responsible for the attempted phishing attack. It was discovered that a user with the handle @DVincent_ was involved in the hoax; however, that user has since deleted their account. @0xLosingMoney has provided a screenshot of the account, in addition to the webpage from where the claimed hacker took 29 Moonbirds NFTs.
According to the allegations, @DVincent_ made contact with the victim and offered to trade NFTs via the p2peers.io website, which has since been taken down. The victim went to the website and accepted the hacker’s wallet, which made it possible for the hacker to steal the victim’s non-fungible tokens (NFTs).
Even though there is very little information available on how the attack was carried out, the connection request that was made was almost probably fake. In certain phishing attempts, users are required to approve a given function and connect their wallets in order to proceed. On the other side, the feature that is being authorized may be one that allows an external user to access the wallet of another user and transfer the contents out of the wallet.
After being lured to a fake trading website, the victim may have been tricked into signing a false transaction, as suggested by the Twitter user @CirrusNFT. The Twitter account @CirrusNFT said that it “seems like the fraudster linked the victim to a fraudulent trading site and got him to sign a flawed transaction.”
In the non-fungible token (NFT) market, several hacking and phishing attacks have taken place over the course of the last few months. In February, malicious actors stole non-fungible tokens (NFTs) worth millions of dollars from the NFT marketplace OpenSea. During the month of March, over $615 million worth of ETH was stolen from Axie Infinity’s Ronin Network.
Investors in NFTs and cryptocurrencies need to be vigilant if they want to protect themselves against any future phishing attacks. Verification of links should be done on a regular basis by users; if they have any doubts about the reliability of a website, they should avoid going there and should not connect their wallets to it.
About Moonbirds NFT Collection
Founded by the PROOF Collective, which is currently working on various NFT projects and also serves as an exclusive social club for the 1,000 holders of “PROOF Collective” NFTs, the “Moonbirds” NFT collection is named after the constellation of the Moonbirds. The stunning debut of the “Moonbirds” seems to have been made possible by investors who have substantially backed the founding members of the PROOF Collective, which includes digital entrepreneur and Digg founder Kevin Rose, as well as Web3 investors Justin Mezzell and Ryan, as well as others.