Unfortunately, pools of non-fungible tokens (NFTs) are still prime targets for hackers, and Project Azuki has paid the price. A malicious person took over the project’s Twitter account to share a phishing link and managed to steal money from some users.
Azuki’s Twitter account is in the wrong hands
Friday January 27th Non-Fungible Token (NFT) Project Azuki’s Twitter account has been hacked. The person responsible for the mischief invited the Azuki community to come and “claim the land” in the “garden”, the metaphors assigned to the group.
Screenshot of malicious tweet, since deleted (hidden link)
Unfortunately, via this link that all seemed honest at first glance, Azuki’s wallets were emptied from their wallets. Giving malicious permission on a phishing site. in just 30 minutes, 11 NFTs And 3.9 ETH recovered by the hacker, then 750,000 USDC recovered Send to his wallet It has now been identified as phishing by Etherscan.
The USDCs were then sent to another wallet, also identified by Etherscan, which replaced its tokens with WETH (Ether wrapped) thanks to the Decentralized Finance (DeFi) protocol Uniswap v3.0 through two distinct processes here And here.
Community Manager for the project, Rose, he quickly confirms that Azuki’s account has been hacked. Fortunately, the damage was relatively limited thanks to the community response, since MetaMask, for example, quickly blocked the domain in question to protect its users, just like Phantom or ZenGo.
👉 Discover our tutorial on storing and securing your cryptocurrency
All-in-one encryption app
0 fee on your first cryptocurrency purchase 🔥 (up to $200)
It’s a somewhat ambiguous issue
Fortunately, Azuki’s Twitter account was recovered in the eveningand a post-mortem tweet was posted overnight from the project.
1 / the @employee Twitter was hacked today. A series of malicious tweets were posted on the morning of Friday, January 27th (Pacific Time).
The team regained control @employee Twitter.
Details below 👇
– Azuki (@AzukiOfficial) January 27, 2023
As indicated in the thread, the Twitter account was recovered relatively quickly thanks to the work carried out in coordination with the social network’s teams. However, complete mystery remains as to the origin of the glitch, as it appears, according to the press release, That the relevant account has been secured by two-factor authentication (2FA). So Azuki launched an investigation in order to shed light on this topic.
ZachXBT, known for his investigations on the chain, seems to have found the beginning of the lead. According to him, it was the same person who managed to hack Twitter accounts NFT Mutant Projects Hounbds, AKCB, and Chimpers.
It was the same scammer named Lock who hacked the Mutant Hounds, AKCB, and Chimpers Twitter accounts recently. pic.twitter.com/YSgy6SnvJr
– ZachXBT (@zachxbt) January 27, 2023
It also states that the error may come from Twitter’s side And that Azuki’s teams could have done nothing else to prevent the attack, which explains the flaw by bypassing 2FA, a recognized security measure. Actually, we have already seen Some hackers are willing to pay large sums In the past to circumvent the security of Twitter accounts.
However, this is just speculation, and nothing has been confirmed yet. However, it will be interesting to understand how the same hacker gained access to so many different Twitter accounts.
On the same topic – $1.4 Million in NFTs Heist: How to Avoid New Phishing Attacks?
Cryptoast has launched its first batch of NFTs
NFTs associated with a collector’s paper magazine 🔥
Get a roundup of cryptocurrency news every Monday via email 👌
What you need to know about affiliate links. This page displays assets, products or services related to investments. Some of the links in this article are affiliated. This means that if you buy a product or register on a site from this article, our partner pays us a commission. This allows us to continue to provide you with original and useful content. There is no impact on you and you can even get rewarded using our links.
Investing in cryptocurrencies is very risky. Cryptoast is not responsible for the quality of the products or services provided on this page and cannot be held responsible, directly or indirectly, for any damage or loss resulting from the use of a good or service mentioned in this article. Crypto assets investments are inherently risky, readers should do their own research before taking any action and only invest within their financial capabilities. This article does not constitute investment advice.
AMF Recommendations. There is no guaranteed high return, a product with a potentially high return carries high risk. This risk must be in line with your project, your investment horizon, and your ability to lose part of this savings. Do not invest if you are not prepared to lose all or part of your capital.
To go further, read our pages Financial situationAnd Media transparency And legal notice.