Kevin Rose, the co-founder of the nonfungible token (NFT) collection Moonbirds, has fallen victim to a phishing scam leading to more than $1.1 million worth of his personal NFTs stolen.
The NFT creator and PROOF co-founder shared the news with his 1.6 million Twitter followers on Jan. 25 asking them to avoid buying any Squiggles NFTs until they manage to get them flagged as stolen.
I was just hacked, stay tuned for details – please avoid buying any squiggles until we get them flagged (just lost 25) + a few other NFTs (an autoglyph) …
— KΞVIN R◎SE (,) (@kevinrose) January 25, 2023
“Thank you for all the kind, supportive words. Full debrief coming,” he then shared in a separate tweet about two hours later.
It is understood that Rose’s NFTs were drained after signing a malicious signature that transferred a significant proportion of his NFT assets to the exploiter.
GM – what a day!
Today I was phished. Tomorrow we’ll cover all the details live, as a cautionary tail, on twitter spaces. Here is how it went down, technically: https://t.co/DgBKF8qVBK
— KΞVIN R◎SE (,) (@kevinrose) January 25, 2023
An independent analysis from Arkham found that the exploiter extracted at least one Autoglyph (345 ETH), 25 Art Blocks — also known as Chromie Squiggle — (332.5 ETH) and nine OnChainMonkey items (7.2 ETH).
In total, at least 684.7 ETH ($1.1 million) was extracted.
How Kevin Rose got exploited
While several independent on-chain analyses have been shared, Vice President of PROOF — the company behind Moonbirds — Arran Schlosberg explained to his 9,500 Twitter followers that Rose “was phished into signing a malicious signature” which allowed the exploiter to transfer over a large number of tokens:
1/ This was a classic piece of social engineering, tricking KRO into a false sense of security. The technical aspect of the hack was limited to crafting signatures accepted by OpenSea’s marketplace contract.
— Arran (@divergencearran) January 25, 2023
Crypto analyst “foobar” further elaborated on the…
..
