Phishing scam: Beeple’s Twitter account hacked

Beeple’s Twitter account hacked as part of a phishing scam

Beeple is a popular digital and non-fungible token (NFT) artist. The artist is known for having sold an NFT for $6 million at Christie’s auction house and creating 30 NFTs for Louis Vuitton’s NFT game, Louis the game. On Sunday, someone hacked Beeple’s Twitter account as part of a phishing scam. Phishing scams aim to access users’ sensitive information by posing as trustworthy entities or people. After obtaining the information, scammers can steal users’ funds.

Beeple's tweet — *Source:* *https://twitter.com/beeple/status/1528380635081068544*

A Twitter user was the first to report the phishing scam. The hacked Twitter account temporarily displayed a first link to a phishing website. This link would redirect to a raffle of Louis Vuitton and Beeple’s collection that would steal users’ assets if clicked. More specifically, after connecting their wallets, 1 ETH would be sent to the contract 0x7b69c4f2acf77300025e49dbdbb65b068b2fda7d.

In total, this phishing link allowed the scammer to steal 36 ETH worth around $70,000 stolen from users. The hacker then sent the stolen ETH to another intermediate address. The funds eventually reached the crypto mixer Tornado Cash so the scammer can launder the stolen funds.

Destination of funds from Beeple hack address — *Destination of funds from 0x7b69c4f address*

*Destination of funds from the intermediate address*

Then, the hacker published a second link with the hacked account. The fake minting link was urging people to send ETH to this address 0xcad7fc974f61a08adef110d1ba446fa5b5b5bb27 allowing to steal 37 WETH and 63 ETH worth almost $200,000.

If we analyze the transactions we can see that the scammer performed a DEX trade to swap the WETH for ETH. All of the ETH funds ended up on Tornado Cash.

Screenshot of Beeple hack transaction details on Scorechain's platform

In addition to stealing users’ funds, the scammer has also been able to steal 45 NFTs for around $166,000.

Rise of crypto-related scams

For example, back in 2020, 130 Twitter accounts from celebrities including Barack Obama, Elon Musk, and Bill Gates were hacked as part of a Covid-19 giveaway scam. The scammers used the hacked accounts to trick people into sending crypto funds promising to send back double.

Last month, the Bored Ape Yacht Club, an NFT collection, also had its Instagram account hacked. In the same manner, the hacker posted a link to a fake BAYC website with a fraudulent airdrop. The phishing website urged users to sign a ‘safeTransferFrom’ transaction allowing scammers to drain users’ wallets. As a result, $3 million worth of NFTs was stolen from users’ wallets.

Screenshot Of Bored Ape Yacht Club's tweet announcing the hack. — *Source:* *https://twitter.com/BoredApeYC/status/1518637579633053701*

While there are still scams targeting crypto owners, several governments are taking action against them. For instance, yesterday the government of Uruguay announced launching a communication campaign to educate the population on the most common cryptocurrency scams.

Mitigating AML risks related to crypto scams

As illicit funds represent higher risks in terms of money laundering, it is essential that crypto-related companies have all the necessary tools to monitor that they don’t have exposure to scams or hacked funds for instance.

Scorechain is providing best-in-class blockchain analytics tools with risk scoring and red flags allowing users to perform enhanced monitoring on their cryptocurrency transactions thus avoiding unnecessary risks. Would you like to see a live demo of the solution? Don’t hesitate to request a demo.

Request a demo

About Scorechain

Scorechain is a Risk-AML software provider for cryptocurrencies and digital assets. As a leader in crypto compliance, the Luxembourgish company has helped more than 200 customers in 45 countries since 2015, ranging from cryptocurrency businesses to financial institutions with crypto trading, custody branch, digital assets, customers onboarding, audit and law firms, and some LEAs.

Scorechain solution supports Bitcoin analytics with Lightning Network detection, Ethereum analytics with all ERC20 tokens and stablecoins, Litecoin, Bitcoin Cash, Dash, XRP Ledger, Tezos, Tron with TRC10 and TRC20 tokens, and BSC with BEP20 tokens. The software can de-anonymize the Blockchain data and connect with sanction lists to provide risk scoring on digital assets, transactions, addresses, and entities. The risk assessment methodology applied by Scorechain has been verified and can be fully customizable to fit all jurisdictions. 300+ risk-AML scenarios are provided to its customers with a wide range of risk indicators so businesses under the scope of the crypto regulation can report suspicious activity to authorities with enhanced due diligence.