Arthur Cheong, the founder of the cryptoasset firm DeFiance Capital, had one of his hot wallets hacked, resulting in the loss of over 70 blue-chip non-fungible tokens (NFTs) valued at over USD 1.76 million. The tragedy serves as yet another strong lesson to all NFT investors to be more cautious – and less trusting – with their digital assets.
Cheong, also known as Arthur0x, has speculated that the underlying cause of the exploit is “a spear-phishing email” he received posing as one of their portfolio businesses.
He remarked, “I found out the likely underlying cause for the exploit, and it’s a targeted social engineering attack.” “Received a spear-phishing email that appears to have been sent by one of our portcos and contains general industry-relevant content.”
Was being careless on this one since it comes from 2 seemingly legitimate sources.
Once I open the file then I see the images below and then it proceed to the normal PDF document, didn't suspect what's wrong back then:https://t.co/i3bfHCMWYe
— Arthur 🌔⛩️🦔👻 (@Arthur_0x) March 22, 2022
Cheong’s computer may have been infected with a virus after viewing a PDF pitch deck, according to Adam Cochran, a crypto expert and partner at the venture firm Cinneamhain Ventures.
“I’ve had several cold email pitches in the past that virus scanners discovered were hacked,” Cochran said, adding that this has become a “popular attack vector for investors.”
Yea might be since I receive lots of unsolicited pitch deck and sometimes I will check them out
— Arthur 🌔⛩️🦔👻 (@Arthur_0x) March 22, 2022
The most common hazards, according to Cochran, are file extensions like PDFs,.docxs,.xlsx, and.jpeg, which are sometimes used to create pitch decks, and there’s even a chance that a virus scan won’t be able to detect it.
However, viewing files using uploaders such as Google Drive and Docsend, which remove macros and other underlying code, is safe, he stressed.
“Personally, I solely use docsend or google drive to store my presentations. github can be useful at times “Cochran stated, which appears to be sound advise for any NFT investor interested in presentation decks. “Even then,” Cochran added, “I open it on a stripped-down browser on a safe machine that I don’t use for anything else.”
Direct connect to web on that one. Didn't feel the need to airgap as there is nothing on that device, it is only used as a document viewer. Even if it got compromised there is nothing to compromise.
— Adam Cochran (adamscochran.eth) (@adamscochran) March 22, 2022
According to data from Etherscan, the hacker took over 70 NFTs from Cheong, including at least five CloneX NFTs and 17 Azuki NFTs.
ETH 585.4 is now held in the hacker’s wallet, which is labelled “Arthur0x Wallet Hacker” by Etherscan (USD 1.76m). It’s worth noting that the hacker hasn’t sold all of the stolen NFTs. As a result, the exact amount of stolen funds in US dollars is still unknown.
Disclaimer: These are the writer’s opinions and should not be considered investment advice. Readers should do their own research.