Kevin Rose, the co-founder of the Moonbirds NFT collection, lost more than $1.1 million worth of his personal NFTs in a phishing scam. He informed his 1.6 million Twitter followers on January 25 about the incident and urged them not to buy any Squiggles NFTs until his team gets the tokens flagged as stolen.
It is believed that Rose’s NFTs were drained after he approved a malicious signature that transferred a significant proportion of his NFT assets to the hacker. An independent analyst said the exploiter extracted one Autoglyph, which has a floor price of 345 ETH; 25 Art Blocks, also known as Chromie Squiggles, worth about 332.5 ETH; and nine OnChainMonkey assets worth at least 7.2 ETH. All in all, 684.7 ETH worth $1.1 million was stolen.
Arran Schlosberg, the vice president of PROOF, said Rose was phished into signing a malicious signature whereby the hacker transferred a large number of tokens. He outlined that it was a classic piece of social engineering, tricking Rose into a false sense of security. Schlosberg said the technical aspect of the hack was limited to crafting signatures accepted by OpenSea’s marketplace contract.
Another analyst known as Foobar pointed out that Rose approved an OpenSea marketplace contract to move all of his NFTs whenever Rose signed transactions. He believes Rose was always one malicious signature away from an exploit. As such, Foobar cautioned users to be super careful when signing anything, even off-chain signatures. He highlighted that Kevin Rose just had $2 million worth of NFTs drained from his vault from signing one malicious Seaport bundle.
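
The off-chain signature risk Foobar describes can be checked before a wallet signs. The sketch below is an added example, not code from the article, OpenSea or PROOF: it inspects an `eth_signTypedData_v4` payload and warns when a Seaport order lists NFTs while paying the signer next to nothing. Field names follow Seaport's `OrderComponents` struct; the function name, the price threshold and the sample request are assumptions constructed for illustration.

```javascript
// Added example: triage an eth_signTypedData_v4 payload before signing.
// Field names follow Seaport's OrderComponents struct; the threshold is an assumption.
const NFT_ITEM_TYPES = new Set([2, 3, 4, 5]); // ERC721, ERC1155 and their criteria variants
const toBig = (v) => BigInt(v);

function reviewSeaportRequest(typedData, minWeiPerNft = 10n ** 16n) {
  const { domain = {}, primaryType, message = {} } = typedData;
  if (domain.name !== "Seaport" || primaryType !== "OrderComponents") {
    return { isSeaportOrder: false, nftCount: 0, paidToSigner: 0n, warnings: [] };
  }
  const signer = String(message.offerer).toLowerCase();
  const nftCount = (message.offer || [])
    .filter((item) => NFT_ITEM_TYPES.has(Number(item.itemType))).length;

  // Count only native/ERC-20 consideration routed back to the signer, using the
  // smaller of startAmount/endAmount (the least the signer could receive).
  // ERC-20 units are treated like wei here, which is a coarse simplification.
  let paidToSigner = 0n;
  for (const c of message.consideration || []) {
    const fungible = Number(c.itemType) === 0 || Number(c.itemType) === 1;
    if (!fungible || String(c.recipient).toLowerCase() !== signer) continue;
    const start = toBig(c.startAmount), end = toBig(c.endAmount);
    paidToSigner += start < end ? start : end;
  }

  const warnings = [];
  if (nftCount > 1) warnings.push(`one signature lists ${nftCount} NFTs`);
  if (nftCount > 0 && paidToSigner < minWeiPerNft * BigInt(nftCount)) {
    warnings.push(`signer receives ${paidToSigner} wei for ${nftCount} NFT(s)`);
  }
  return { isSeaportOrder: true, nftCount, paidToSigner, warnings };
}

// Constructed sample request: placeholder addresses, three NFTs offered for 1 wei.
const SIGNER = "0x" + "11".repeat(20);
const nft = (id) => ({ itemType: 2, token: "0x" + "aa".repeat(20),
  identifierOrCriteria: String(id), startAmount: "1", endAmount: "1" });
const sampleRequest = {
  domain: { name: "Seaport" },
  primaryType: "OrderComponents",
  message: {
    offerer: SIGNER,
    offer: [nft(1), nft(2), nft(3)],
    consideration: [{ itemType: 0, token: "0x" + "00".repeat(20),
      identifierOrCriteria: "0", startAmount: "1", endAmount: "1", recipient: SIGNER }],
  },
};
console.log(reviewSeaportRequest(sampleRequest).warnings);
```

A check like this only covers the signing request itself; a standing marketplace approval over a whole collection still needs to be reviewed and revoked separately.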