A Cautionary Tale of Moonbirds Creator’s Million-Dollar NFT Loss

Kevin Rose, the renowned and affluent founder of the esteemed NFT projects Proof Collective and Moonbirds, was unfortunately targeted by the diabolical practice of social engineering, resulting in a catastrophic loss of an estimated $2 million and beyond. This raises the question — how could a seasoned NFT expert and visionary entrepreneur like Kevin, who has witnessed countless hacking incidents, fall prey to this treacherous tactic? The answer lies in social engineering, a sinister art that involves manipulating individuals into divulging confidential information or performing actions through psychological means instead of relying on technical cracking techniques.

One of the most devastating examples of social engineering in the crypto realm occurred last year in March 2022, when the popular play-to-earn game Axie Infinity suffered a hacking breach via a malicious fake job offer accepted by the chain’s engineer. With just one click on a seemingly harmless PDF document, a staggering $540 million worth of crypto was compromised. This is a stark reminder that no defense can fully protect against a well-executed social engineering attack.

However, we can heed the lessons of the past and educate ourselves as thoroughly as possible to avoid becoming the next target. According to Kevin’s tweet dated January 26th just two weeks ago, he had fallen victim to a hacking attack. The tweet sent shockwaves through the crypto community and garnered over 1.6 million views.

How Did the Hack Happen?

Kevin took to Twitter to recount the experience and shared the details with the world. As he was attempting to sell a high-valued Chromie Squiggles from his secure cold wallet (Ledger), Kevin found himself engaged in a multitasking scenario while speaking with his team members. Sadly, this multitasking proved to be the downfall that allowed the hack to occur.

Kevin disclosed that he was an admirer of ‘The Meme by 6529’ and had engaged in online conversations with the creator on multiple occasions. He was excited to receive an airdrop of the 6529 collections and was eager to explore the newfound collection. Kevin noticed there were already transactions in an individual 6529 artwork, Which looked fine at first, leading him to click on a link on OpenSea’s page and was redirected to a seemingly legitimate fake website of 6529 on a .XYZ domain (http://memes6529.xyz/ if you are curious).

The website was beautifully designed and appeared entirely trustworthy, with no red flags such as the typical ‘mint now’ button or countdown timer commonly found on suspicious websites. This false sense of security caused Kevin to connect his wallet and sign an unknown signature request, only to realize too late that he was being duped. Upon being requested to sign for the second time, he was asked to authorize all of his Meebits NFT, causing Kevin to sense that something was amiss immediately. Tragically, it was too late, and 40 NFTs worth $2 million were transferred before Kevin could revoke the authorization. Aaran, the VP of Engineering of Proof, on the phone call with Kevin, confirmed that this was a textbook case of social engineering.