OBS Malware attack: NFT God’s wallet drained

Key takeaways:

• NFT GOD, a well-known NFT influencer and blogger, was duped by a phishing scheme on Google Ads.

• All of his accounts were breached as a result, and his valuable non-fungible tokens (NFTs) and digital valuables were taken.

Famous NFT influencer “NFT God” aka Alex is the victim of a devastating phishing attack disguised as Google Ads virus that compromises his entire online career.

A follower alerted Alex a short while later that his Twitter account had been stolen. Alex quickly reclaimed control of his Twitter account and deleted the phishing postings the hackers had left behind.

After a few hours, Alex realised that the Twitter hack was only the first in a string of assaults. According to Alex, all of his wallets had been emptied of digital currency and NFTs worth a “life-changing sum.”

Alex claimed to have downloaded OBS, an open-source video streaming programme, via Google’s search engine. However, he chose to click on the sponsored advertisement for what he believed to be the same thing rather than the official website.

In addition to other NFTs, the hackers took 19 ETH and a Mutant Ape Yacht Club (MAYC) NFT worth 16 ETH. On the Fixed Float, a decentralised exchange, the attackers transferred the money and exchanged it for unidentified tokens.

Last night my entire digital livelihood was violated.

Every account connected to me both personally and professionally was hacked and used to hurt others.

Less importantly, I lost a life changing amount of my net worth

— NFT God (@NFT_GOD) January 15, 2023

Aurelien Michel, the creator of the renowned NFT collection Mutant Ape Planet, was recently detained in New York on suspicion of committing a $2–9 million NFT rug pull fraud.

According to the complaint, Michel and other unidentified defendants used false promises to entice customers into purchasing Mutant Ape Planet NFTs, such as “rewards, raffles, exclusive access to other cryptocurrency assets, and the support of a community wallet with funds to be used for marketing the NFTs.”

The phishing attack was feasible since NFT God configured Ledger as a hot wallet rather than a cold wallet on his computer system. Alex stated that he entered his seed phrase in a way that no longer kept it cold. “I knew I had made a critical error,” he admitted.

Tragically, NFT God’s interaction doesn’t mark the first time the crypto community has encountered cryptocurrency-stealing malware in Google Ads. Many people fall victim to these well-thought-out schemes.