As Web3 adoption goes further and more beginners enter the space, hackers are becoming more active, with more phishing attacks being recorded in the latest quarter of 2022 and social media being noted as a major platform of choice for conducting the hacks. In the quarterly report of security firm CertiK, the team has found a 170% increase in phishing attacks in the second quarter of 2022. According to the security firm, 106 attacks were recorded in the first quarter, while 290 events were noted in the next quarter. According to the blockchain security firm, most phishing attacks have been …

The British Army’s official Twitter, Facebook and YouTube accounts were breached on Sunday for almost four hours, with scammers promoting rip-off nonfungible token (NFT) collections and cryptocurrency scams. Just after 2:00 pm EST on Sunday, the United Kingdom Ministry of Defence (MOD) Press Office tweeted it was aware the Army’s social media accounts were compromised and had begun an investigation. Nearly four hours later, close to 5:45 pm EST, the Office provided an update that the account breaches were resolved. The British Army's official Twitter account also apologized for the posts, saying it would conduct an investigation and “learn from …

Noah Davis, the nonfungible token (NFT) specialist at auction house Christie’s, has said he’s leaving the position in July to take up a post as brand lead for the CryptoPunks NFT collection with Yuga Labs. Announcing the move on Sunday in a Twitter thread, Davis looked to quash any anxieties holders had regarding the future of one of the oldest NFT projects, saying he “will not f*ck with the punks.” What does that mean? It means no Punks on lunchboxes or cringe TV shows/shitty movies. It means no arbitrary rushed utility or thoughtless airdrops. It means if you love your …

Yuga Labs, the creator of two of the most popular ape-themed nonfungible token (NFT) offerings — Bored Ape Yacht Club (BAYC) and OtherSide — witnessed yet another orchestrated phishing attack, with investors losing over 145 Ether (ETH) or nearly $260,000 at the time of writing. OKHotshot, a blockchain detective and a member of the Crypto Twitter community, alerted crypto investors about the compromise of two official Discord groups linked to BAYC and OtherSide NFTs. BAYC & OtherSide discords got compromised‼️ Seems because Community Manager @BorisVagner got his account breached, which let the scammers execute their phishing attack. Over 145E in …

A Proof Collective member has fallen victim to a scam, losing 29 highly-valuable Ethereum (ETH)-based Moonbirds. According to a tweet by Cirrus on Wednesday morning, the victim lost 29 Moonbird nonfungible tokens (NFTs) worth $1.5 million after clicking a malicious link shared by a scammer. 29 Moonbirds were just stolen in a hack. ~750e (~$1,500,000) in value lost by clicking on a bad link. Sickening seeing stuff like this. Let this be a reminder to never ever click on links and to bookmark the marketplaces/trading sites that you use. pic.twitter.com/7iWO5LMovL — Cirrus (@CirrusNFT) May 25, 2022 Dollar, a Twitter personality …

Digital artist and popular nonfungible token (NFT) creator Mike Winkelmann, more commonly known as Beeple, had his Twitter account hacked on Sunday as part of a phishing scam. Harry Denley, security analyst of MetaMask, alerted users that Beeple’s tweets at the time containing a link to a raffle of a Louis Vuitton NFT collaboration were, in fact, a phishing scam that would drain the crypto out of users’ wallets if clicked. ⚠️ Beeple's Twitter account has been compromised (ATO) to post a phishing website to steal funds. 0x7b69c4f2ACF77300025E49DbDbB65B068b2Fda7D 0xF305F6073CFa24f05FF15CA5b387DD91f871b983 pic.twitter.com/0MPNwOPlEu — harry.eth (whg.eth) (@sniko_) May 22, 2022 The scammers were …

Cybersecurity experts identified and disclosed the rising popularity of airdrop phishing among crypto and nonfungible token (NFT) scammers. Airdrops serve as an essential marketing tool for crypto projects, which involves sending free cryptocurrency tokens or NFTs to promote awareness among investors. However, a new report released by Malwarebytes Labs highlighted an alarming rise in airdrop phishing attempts as scammers try to cash in on the hype around Yuga Labs’ BAYC Ape-related NFT collection. Airdrop phishing: what is it, and how is my cryptocurrency at risk? https://t.co/kWG09l06fi — Malwarebytes (@Malwarebytes) May 3, 2022 Malwarebytes recorded that the most common airdrop phishing …

As told by Bored Ape Yacht Club (BAYC) developers on Monday, hackers breached the popular nonfungible token (NFT) collection’s official Instagram page and shared links to a fake airdrop with the project’s followers. Crypto enthusiasts who connected their MetaMask wallets to the scam website were subsequently drained of their Ape NFTs. It appears that the attack was planned to coincide with the one-year anniversary of the launch of the BAYC collection, thus increasing the “perceived credibility” of the phishing link. Unconfirmed reports on social media indicate that approximately 100 NFTs were stolen during the phishing attack. Based on data from …

Peckshield, a prominent blockchain security firm, exposed the existence of numerous phishing websites for the Web3 lifestyle app STEPN on Monday. Hackers insert a forged MetaMask browser plugin through which they can steal seed phrases from unsuspecting STEPN users, according to Peckshield. When these cybercriminals obtain the seed phrase, they gain complete control over the STEPN user's dashboard where they may connect their stolen wallets to their own or "claim" a giveaway as per Peckshield. #PeckShieldAlert #phishing PeckShield has detected a bath of @Stepnofficial phishing sites. They insert a false Metamask browser extension leading to stealing your seed phrase or …

ConsenSys-owned crypto wallet provider MetaMask has sent out a warning to the community regarding Apple iCloud phishing attacks. The security issue for iPhone, Mac and iPad users is related to default device settings which see a user’s seed phrase or “password-encrypted MetaMask vault” stored on the iCloud if the user has enabled automatic backups for their application data. In a Twitter thread posted on Monday, MetaMask noted that users run the risk of losing their funds if their Apple password “isn’t strong enough” and an attacker is able to phish their account credentials. To fix the issue, users can disable …

New Jersey-based crypto financial institution BlockFi confirmed a data breach incident via one of its third-party vendors, Hubspot. BlockFi’s proactive warning about the breach aims to deter the intentions of bad actors in repurposing the user data for fraudulent activities. According to the announcement, the hackers gained access to BlockFi’s client data on Friday, Mar. 18, that were stored on Hubspot, a client relationship management platform: “Hubspot has confirmed that an unauthorized third-party gained access to certain BlockFi client data housed on their platform.” As a third-party vendor for BlockFi, Hubspot stored user data such as names, email addresses and …

Recently launched NFT project, Rare Bears, was hit with an attack, after a hacker posted a phishing link in the project's Discord channel, stealing nearly $800,000 in NFTs. Analysis from blockchain security firm Peckshield detailed that the attacker was able to steal 179 NFTs, including Rare Bears and other NFTs from various collections, including CloneX, Azuki, a “mfer” from artist sartoshi, and 6 LAND tokens used for The Sandbox metaverse. According to on-chain analysis, most of the NFTs were sold, netting the hacker 286 ETH, worth over $795,500, most of which was promptly put through Tornado Cash, a crypto mixer …