Wallets of NFT influencer drained in OBS malware attack

Non-fungible token (NFT) influencer who goes by ‘NFT God’ on Twitter lost all his digital assets in a hack on Jan. 14. One of his nearly 90,000 Twitter followers bought NFT God’s stolen Mutant Ape Yacht Club NFT and offered to return it at cost price over $25,000.

Earlier in the day, NFT God, whose real name is Alex, downloaded the video streaming service OBS. However, he used a sponsored link on Google that contained malware-infected software. Cybersecurity expert John Hammond warned people against the fake OBS software two weeks ago.

A couple of hours later, a follower alerted Alex that his Twitter account had been compromised. Within minutes, Alex recovered control of his Twitter account and deleted the scam tweets posted by the hackers.

After a few hours, Alex realized that the Twitter hack was just the beginning of a string of attacks. All his wallets had been drained of cryptocurrencies and NFTs, worth what Alex described as a “life-changing amount.”

Hours later, Alex found out that the hackers had also taken control of his Gmail, Discord, and Substack. The attackers had also sent out two emails with phishing links to his 16,000 subscribers.

A costly mistake

While setting up his Ledger account, Alex “screwed up,” he wrote in a Twitter thread. Despite being “highly technical,” Alex made a mistake and entered his seed phrase in a way that “no longer kept it cold,” he wrote.

Since he had not purchased any new NFTs for months and had no plans of doing so shortly, Alex procrastinated buying another Ledger cold wallet.

This mistake allowed the hackers to gain control of Alex’s crypto and NFTs through the malware attack on his desktop. Alex wrote:

“Not buying a new cold wallet immediately was a deadly mistake. But even with a cold wallet, my entire digital world would still be destroyed. Digital security isn’t just buying a cold wallet. It’s also being careful with EVERYTHING you do on the internet. Everything.”