We live in a digital era, and that’s all there is to it. But the digital world became a nightmare for an influencer known as NFT God when he lost all of his valuable non-fungible tokens (NFTs) in a hack on January 14.
The story of Alex, who goes by NFT God, is a lesson. All of this started when he downloaded the OBS service for streaming videos. He made a mistake by clicking on a sponsored link on Google that led to software infected with malware. It turns out that cybersecurity expert John Hammond had warned people two weeks earlier about the fake OBS software.
Within hours, a follower told Alex that someone had hacked into his Twitter account. He took back control of his account quickly and deleted the fake tweets that the hackers had put up. But unfortunately, the hacking of Twitter was just the first in a series of attacks. Alex said that all of his wallets were empty of cryptocurrencies and NFTs worth a “life-changing amount.”
Even worse, the hackers also took over his Gmail, Discord, and Substack accounts. Even worse, they sent phishing links in two emails to his 16,000 subscribers.
The Costly Mistake
Alex made a costly mistake when he set up his Ledger account. Even though he was “highly technical,” the way he entered his seed phrase “no longer kept it cold.” Alex hadn’t bought any new NFTs in months and didn’t plan to in the near future, so he put off getting another Ledger cold wallet. Because of this mistake, the hackers could use the malware attack on Alex’s desktop to take control of his crypto and NFTs.
Blockchain data shows that at least 19 ETH, worth almost $27,000 at the time, a Mutant Ape Yacht Club (MAYC) NFT with a current floor price of 16 ETH ($25,000), and several other NFTs were taken from Alex’s wallet. The hacker moved most of the ETH through multiple wallets before it was sent to the decentralized exchange (DEX) FixedFloat, where it was traded for unknown cryptocurrencies.
The Importance of Digital Security
NFT God Alex thinks that the “critical mistake” that led to the wallet hack was setting up his hardware wallet as a “hot wallet” by entering its seed phrase “in a way that no longer kept it offline,” which gave the hackers access to his crypto and NFTs.
This isn’t the first time crypto users have had to deal with malware in Google Ads that steals crypto. A report from the cybersecurity company Cyble on January 12 warned about a piece of malware called “Rhadamanthys Stealer” that steals information and spreads through Google Ads on “highly convincing phishing webpages.” In October, Changpeng “CZ” Zhao, the CEO of Binance, said that Google search results were promoting sites that were trying to steal crypto.
Google has said that it “actively works with trusted advertisers and partners to help stop malware in ads.” The company also scans Google Ads regularly with its “proprietary technology and malware detection tools.” But NFT God’s story shows that it’s still important to be careful and take digital security seriously. Alex’s story is a good reminder that digital security is more than just buying a cold wallet. It’s also about being careful with everything you do on the internet. Everything.