Mike Winkelmann, AKA Beeple, a digital artist and popular non-fungible token (NFT) developer, had his Twitter account hacked on Sunday, May 22 as part of a phishing scam.
Users were warned by Harry Denley, a Security Analyst at MetaMask, that Beeple’s tweets at the time, which contained a link to a raffle for a Louis Vuitton NFT collaboration, were in actuality phishing scams that would drain crypto from users’ wallets if they clicked.
The con artists were most likely attempting to profit off a legitimate recent collaboration between Beeple and Louis Vuitton. Beeple produced 30 NFTs for the premium fashion brand’s “Louis The App” mobile game in May, which were used as player incentives.
The scammer continued to exploit Beeple’s Twitter account to send phishing links to bogus Beeple collections, luring unwary people in with the promise of a free mint for unique NFTs.
The phishing links were live on Beeple’s Twitter for around five hours, and an on-chain investigation of one of the scammers’ wallets showed that the first phishing link netted them 36 Ethereum (ETH), which was worth about $73,000 at the time.
The scammers got roughly $365,000 in ETH and NFTs from high-value collections including the Mutant Ape Yacht Club, VeeFriends, and Otherdeeds, among others, bringing the total value stolen from the scam to around $438,000.
According to on-chain data, the fraudster sold the NFTs on OpenSea and then transferred their stolen ETH into a crypto mixer to try to hide their winnings.
Beeple later tweeted that he had reclaimed control of his account, adding that “anything too good to be true IS A F*CKING SCAM.”
Beeple is responsible for three of the top ten most valuable NFTs ever sold, including one that sold for $69.3 million, the highest price ever paid by a single owner. Because of his celebrity, he has been a target for hackers.
In November 2021, a Beeple Discord admin account was hijacked, with scammers advocating a similar phony NFT drop, resulting in customers losing about 38 ETH.
Scammers are trying to cash in on the NFT buzz, according to research released earlier this month by cybersecurity firm Malwarebytes. Scammers’ most popular approach, according to the business, is to exploit bogus websites that appear to be reputable platforms.