Hacker steals $1.8M worth of crypto and NFTs from DeFiance Capital founder

Arthur Cheong, the founder of crypto-asset fund DeFiance Capital who is also known as Arthur_0x on Crypto Twitter, became the latest target of a “social engineering attack” today, losing roughly $1.8 million worth of crypto and non-fungible tokens (NFTs).

The only thing I can say to the hacker is: you mess with the wrong person.

— Arthur 🌔⛩️🦔👻 (@Arthur_0x) March 22, 2022

“The only thing I can say to the hacker is: you mess with the wrong person,” Cheong wrote following the attack. “Was pretty careful and stuck with only using hardware wallet on PC until I start trading NFT more regularly. Hot wallet on the mobile phone is indeed not safe enough.”

According to Cheong, an unknown hacker (or a group) has compromised his hot (i.e. connected to the Internet) wallet and drained cryptocurrencies as well as NFTs. The latter was then put up for sale on OpenSea marketplace “for cheap.”

In total, it appears the hacker has got his hands on around 80 NFTs (mostly Azukisproceedswhat was), 68 Wrapped Ether, 4,349 Staked DYDX, and 1,578 LooksRare tokens.

At press time, the hacker’s wallet, which has been receiving the profits from NFT sales, held just over 585 Ethereum ($1.76 million) and about $12,700 in other tokens.

No one is safe

A few hours after the hack, Cheong revealed that he apparently fell victim to a “targeted social engineering attack” and accidentally opened a “spear-phishing email.”

“Found out the likely root cause for the exploit, it’s a targeted social engineering attack. Received a spear-phishing email that really seems to be sent by one of our portco with content that seems like general industry-relevant content,” he tweeted. “They are likely targeting all crypto peep.”

Was being careless on this one since it comes from 2 seemingly legitimate sources.

Once I open the file then I see the images below and then it proceed to the normal PDF document, didn’t suspect what’s wrong back then:https://t.co/i3bfHCMWYe

— Arthur 🌔⛩️🦔👻 (@Arthur_0x) March 22, 2022

Cheong also acknowledged that it was “careless” of him to open the attached file and noted that “none of the anti-virus picked up this file as malicious.” Additionally, the email in question was sent “from 2 seemingly legitimate sources.”

Namely, from “[email protected],” as one of the screenshots provided by Cheong showed. As such, the hacker was aiming to disguise himself as Jehan Chu, a co-founder and managing partner at blockchain-focused venture company Kenetic Capital.

Commenting on the attack, Cheong also pointed out that everyone should be always vigilant in the crypto industry, regardless of how much experience in the space they have.

“Well this hit me hard but if I got exploited as a fairly sophisticated 5 years crypto user (DeFi user, password manager, mostly hardware wallet),” he wrote. “I’m not sure how I can persuade most normal people to put a substantial part of their networth onchain anymore.”