Founder of major crypto investment firm DeFiance Capital, “Arthur_0x”, has suffered a hack on one of his hot wallets resulting in the loss of more than $1.6 million in nonfungible tokens (NFTs) and crypto.
In a tremendous show of support, the crypto community has come to his aid to help retrieve the stolen items as he asked people to blacklist the hacker’s wallet. Several individuals on Twitter have attempted to determine exactly how the hack occurred and where the hacker gained access to his wallets.
NFT community member “Cirrus” went as far as buying two of the stolen Azuki NFTs and deciding to return them to Arthur at cost. Cirrus told Cointelegraph today that he:
“found out they were hacked, and instead of selling them for profit like the other folks who got some of his, decided I’d sell them back to him at cost to help him out.”
Cirrus added that this “isn’t the first time” this has happened to him. He said, “I could easily go sell them for 6-8 ETH profit, but it just isn’t right.” His profile states that he has been a victim of rug pulls three times before, which likely guided his sympathies for his fellow victim.
— Cirrus (@CirrusNFT) March 22, 2022
A rug pull is when a crypto or NFT project suddenly closes down and the value of their token or NFT plummets without prior warning. In most cases, rug pulls are confirmations of a scam.
In total, Arthur appears to have lost 78 different NFTs from five collections, mostly Azukis. He also lost 68 Wrapped Ether (WETH), 4,349 Staked DYDX (stkDYDX), and 1,578 LooksRare (LOOKS) tokens. The hacker began moving assets at about 12:30 am UTC, then promptly put all the NFTs up for bid on the OpenSea NFT marketplace. As of the time of writing, the hacker’s wallet held 545 ETH worth about $1.6 million.
This hack highlights the importance of operational security when dealing with the self-custody of crypto assets because even people in the highest echelons of the industry can be attacked. In Arthur’s case, he is baffled by how this happened to him as he wrote in a tweet “Hot wallet on mobile phone is indeed not safe enough.”
Was pretty careful and stuck with only using hardware wallet on PC until I start trading NFT more regularly.
Hot wallet on mobile phone is indeed not safe enough
— Arthur ⛩️ (@Arthur_0x) March 22, 2022
Had Arthur used a hardware wallet, otherwise known as a cold wallet, he still may not have been protected from this attack. Unlike a hot wallet, a hardware wallet is not always connected to the network. This feature can keep one’s private key and seed phrase safe from intrusion. However, Arthur believes the security breach happened due to a transaction he made on-chain which may also have compromised the seed phrase or private key from a hardware wallet.
NFT and crypto scams are always a danger, so investors should take the highest security precautions with their assets. There are even serial scammers who design projects to take advantage of the NFT community and pull the rug then move on to the next scam. As Cirrus pointed out:
“This is a gold rush for hackers and they’re doing everything they can to come up with new ways to take advantage.”
In light of the frustration and irritation at the hack, Arthur had stern words for the party who stole his assets, stating in a tweet, “The only thing I can say to the hacker is: you mess with the wrong person.”