- iamdeadlyz.pcc.eth on his investigation of hidden NFTs at the hidden tab in OpenSea found that one of them is an ongoing scam, resulting in $1.7M+ stolen assets.
A fake TheBeeings NFT was sent to him. Here is the link to the phishing site: https://thebeeings.link/. https://thebeeings.io/ is the only official website. So users should always be highly suspicious when connecting their wallet to any other website, and they should never type their seed phrase. Here is the link to the official Twitter Account: https://twitter.com/TheBeeings.
The phishing website is highly identical to the official website. It also uses the same color theme as the original website.
The scam site points to the destination address, i.e., a contract address
0x33E196CD6078a633D92ddcEC5CFB9D7Fe05cBb66. This is being used to transfer the stolen assets from the victims who were tricked into confirming transaction approvals.
After doing some more investigation, iamdeadlyz.pcc.eth has found a new contract address, i.e.,
0xe7e8d50d1d11299f46112ef0e9cb972756b54e98, which is another smart contract being used for DelegateCall.
When expanded, an another malicious smart contract, i.e.,
0x563b973f0c57f5423a171a8975c18f9b604342e2 is also being used to siphon assets from the victims.
On-chain data reveals all of the wallets which interacted to steal the assets and those who received them.
If we analyze the Malicious contract 1, i.e.,
0x33e196cd6078a633d92ddcec5cfb9d7fe05cbb66. It has a Delegatecall to
Here is the list of wallets who have used the contract:
0xee291D1C0c5d5EC74d094f19b4265dcAcbd85fF3– Holds a lot of ENS names // setWhiteList for
Here is the wallet which was Setwhitelisted but did not interact:
0xA458c2A1Cd454D8eaaA8D8b7233e7D540A3D32d8– interacted with
Here is the list of receivers:
Here is the link to find the complete data.
Aside from the wallet addresses, iamdeadlyz.pcc.eth was able to get the list of stolen assets.
We would like to credit iamdeadlyz.pcc.eth for all this available information.
So we want to advise our readers that many scammers are out there in full force. So users should always be highly suspicious when connecting their wallet to a website, and they should never type their seed phrase. Users should always make sure that they are on the correct URL, and they should never confirm random transactions. Also, they can use a cold wallet for better security,