Beeple account hack – phishing scam steals $438K in crypto and NFTs

Mike Winkelmann, AKA Beeple, a digital artist and popular non-fungible token (NFT) developer, had his Twitter account hacked on Sunday, May 22 as part of a phishing scam.

Users were warned by Harry Denley, a Security Analyst at MetaMask, that Beeple’s tweets at the time, which contained a link to a raffle for a Louis Vuitton NFT collaboration, were in actuality phishing scams that would drain crypto from users’ wallets if they clicked.

⚠️ Beeple’s Twitter account has been compromised (ATO) to post a phishing website to steal funds.

0x7b69c4f2ACF77300025E49DbDbB65B068b2Fda7D
0xF305F6073CFa24f05FF15CA5b387DD91f871b983 pic.twitter.com/0MPNwOPlEu

— harry.eth 🦊💙 (whg.eth) (@sniko_) May 22, 2022

The con artists were most likely attempting to profit off a legitimate recent collaboration between Beeple and Louis Vuitton. Beeple produced 30 NFTs for the premium fashion brand’s “Louis The App” mobile game in May, which were used as player incentives.

The scammer continued to exploit Beeple’s Twitter account to send phishing links to bogus Beeple collections, luring unwary people in with the promise of a free mint for unique NFTs.

At time of this tweet, they have scammed 25ETH / ~$50k

It is unclear how the ATO happened.

— harry.eth 🦊💙 (whg.eth) (@sniko_) May 22, 2022

The phishing links were live on Beeple’s Twitter for around five hours, and an on-chain investigation of one of the scammers’ wallets showed that the first phishing link netted them 36 Ethereum (ETH), which was worth about $73,000 at the time.

The scammers got roughly $365,000 in ETH and NFTs from high-value collections including the Mutant Ape Yacht Club, VeeFriends, and Otherdeeds, among others, bringing the total value stolen from the scam to around $438,000.

According to on-chain data, the fraudster sold the NFTs on OpenSea and then transferred their stolen ETH into a crypto mixer to try to hide their winnings.

Beeple later tweeted that he had reclaimed control of his account, adding that “anything too good to be true IS A F*CKING SCAM.”

ugh we’ll that was fun way to wake up. 😫

Twitter was hacked but we have control now. Huge thanks to @garyvee ‘a team for quick help!!!! 🙏🙏🙏

— beeple (@beeple) May 22, 2022

Beeple is responsible for three of the top ten most valuable NFTs ever sold, including one that sold for $69.3 million, the highest price ever paid by a single owner. Because of his celebrity, he has been a target for hackers.

In November 2021, a Beeple Discord admin account was hijacked, with scammers advocating a similar phony NFT drop, resulting in customers losing about 38 ETH.

Scammers are trying to cash in on the NFT buzz, according to research released earlier this month by cybersecurity firm Malwarebytes. Scammers’ most popular approach, according to the business, is to exploit bogus websites that appear to be reputable platforms.