How a Popular NFT Influencer Lost Life-Changing Money to a Scam

How a Popular NFT Influencer Lost Life-Changing Money to a Scam

Fraudulent organisations are increasingly using Google Ads to transmit malware to naive people looking for popular software packages. “NFT God,” a fictitious NFT user is the latest victim of such a scam. 

As a result, they alleged that their “entire digital livelihood” had been violated.

Losing a Life-Changing Amount

It all started when a well-known NFT influencer attempted to install OBS on their home desktop computer. They wound up clicking on a sponsored advertisement rather than the company’s actual website. 

NFT God discovered malware only after attackers sent phishing tweets from both of their Twitter accounts. 

The individual stated in a series of tweets that both personal and business accounts—Twitter, Substack, Gmail, Discord, and wallets—were hacked, resulting in a “life-changing amount” of their net worth being lost. The attackers even sent phishing emails to thousands of his Substack subscribers. 

“My stack is more important to me than anything else in my life that isn’t a real being.” It’s where I do my most intimate work. It’s where I established my community. It is the personal success in my life that I am most proud of. It was now on the verge of being demolished. The hackers sent two emails containing compromised URLs to my 16,000 closest followers. The trust I’d fought so hard to earn was gone. “Losing a portion of my net worth is insignificant in comparison to losing the trust of my community.”

According to blockchain data, the attackers took at least 19 ETH, as well as many other NFTs, including one Mutant Ape Yacht Club (MAYC), from this wallet. Most Ether funds were transferred to different wallets before being exchanged for various digital assets on a decentralised exchange called FixedFloat.

NFT God believes that entering the seed phrase “in a way that no longer kept it cool” in one technology led to the failure of another. They stated that, while not purchasing a cold wallet is a “fatal error,” it does not account for digital security. It is also critical to exercise caution when using the Internet.

Abuse of Google Ads

Google Ads primarily assist advertisers in promoting their pages on Google Search. Anyone who does not have an active ad blocker sees the promotion first. If Google discovers a fraudulent site, it will halt the campaign, removing the advertising. As a result, in order to avoid Google’s policy enforcers and automated checks, threat actors have resorted to a more complex strategy. 

According to a recent Guardio Labs investigation, the malicious sponsored advertisement link redirects victims to a benign site before forwarding them to a Trojanized version masquerading as legitimate. 

The victim is subsequently directed to the harmful payload by the rogue site. The threat actors allegedly trick users into downloading counterfeit versions of various well-known projects. While people received what they downloaded, spyware would be surreptitiously installed. 

Because the payload is primarily downloaded through trustworthy file-sharing and code-hosting platforms like GitHub, Dropbox, and others, anti-virus systems operating on victims’ PCs fail to send an alarm.

Share to Social Media

Recent Articles

Join Our Newsletter