Mike Winkelmann, more widely known as Beeple, a digital artist and popular nonfungible token (NFT) developer, had his Twitter account hijacked as part of a phishing scheme on Sunday.
Users were warned by MetaMask security analyst Harry Denley that Beeple’s tweets at the time, which included a link to a raffle for a Louis Vuitton NFT partnership, were a phishing scheme that would drain crypto from users’ wallets if clicked.
The con artists were most likely hoping to profit from a real-life partnership between Mike Winkelmann and Louis Vuitton. Mike Winkelmann designed 30 NFTs for the Louis The Application mobile game, which were implanted as incentives for users, earlier in May.
The fraudster proceeded to tweet phishing links from Mike Winkelmann’s Twitter account, directing readers to fake Beeple collections with the promise of a free mint for unique NFTs.
The phishing links remained up on Mike Winkelmann’s Twitter for around five hours, and an on-chain investigation of one of the scammers’ wallets revealed that the first phishing link netted them 36 Ether (ETH), which was valued at over $73,000 at the time.
The second link netted the scammers roughly $365,000 in ETH and many NFTs from high-value collections such as the Mutant Ape Yacht Club, VeeFriends, and Otherdeeds, among others, increasing the scam’s total value to around $438,000.
According to on-chain data, the fraudster sold the NFTs on OpenSea and transferred their stolen ETH into a crypto mixer in an attempt to hide their winnings.
Beeple tweeted “Anything too good to be true IS A F*CKING SCAM”
Mike Winkelmann later tweeted that he had recovered control of his account, as well as a warning to his followers that “anything too good to be true IS A F*CKING SCAM.”
Mike Winkelmann designed three of the top ten most valuable NFTs ever sold, including one that sold for $69.3 million, the highest price ever paid by a single owner. Because of his celebrity, he’s become a hacking target.
Scammers also promoted a similarly false NFT dump on Beeple’s Discord in November 2021, resulting in users losing about 38 ETH.
Scammers are trying to cash in on the NFT buzz, according to cybersecurity firm Malwarebytes, which released research earlier this month. Scammers’ most popular approach, according to the organisation, is using phoney websites that appear to be reputable platforms.