Quadriga Initiative Logo.png

QUADRIGA INITIATIVE

CRYPTO WATCHDOG & FRAUD RECOVERY PLATFORM

A COMMUNITY-BASED, NOT-FOR-PROFIT

$438 000 USD

MAY 2022

GLOBAL

BEEPLE

DESCRIPTION OF EVENTS

Beeple was a well known NFT artist who created three of the top ten most expensive NFTs sold to date. One of those, his "first 5,000 days", sold for $69.3 million, the most expensive NFT ever sold to a sole owner.

 

Earlier in May, NFT creator Beeple designed 30 NFTs for Louis Vuitton’s "Louis The Game" mobile game, which were embedded within the game as player rewards.

 

On the early morning of May 22nd, 2022, the official account of Beeple posted about an exciting new raffle.

 

"Been working on this with [Louis Vuitton] for a long time behind the scenes. 1000 total unique pieces.

 

BEEPLE x VUITTON COLLECTION_!: BEEPLES

 

Official Raffle Below. 1 ETH = 1 Raffle Entry. All non-winning entries are refunded post raffle.

 

Good luck :)"

 

This was follows by yet another promotion - this time a free mint!

 

"Had felt the need to release more NFTs from my collection behind the scenes. 200 total unique pieces.

 

BEEPLE - SPRING/SUMMER COLLECTION 2021

 

Official Minting Link Below. FREE mint! 200 UNIQUE pieces for everyone!

 

Good luck :)"

 

Beeple's account had been hacked and the raffle was not real. Users who participated simply forfeited their ETH.

 

"On 2022-05-15, the domain was pointed to 45.61.136.112 which hosts malicious scam domains." "IP 44.227.238.106 is such an innocent piece of infra, cleaner than melted glacier water."

 

The first exploit was later explained by @sniko_:

 

"Once you've connected your wallet, will initiate a mint() contract call to 0x7b69c4f2ACF77300025E49DbDbB65B068b2Fda7D, which will send 1ETH to the contract." "As of typing the website is not weaponised to "drain" wallets by filling the wallet tx queue (like we've seen before)"

 

"The contract you are sending a transaction to is in fact a 721 contract, with mint() function defined as: The owner of the contract can withdraw the funds at any moment"

 

The second attack was "a little more sophisticated than the first, having a Discord C2 - still investigating. Potentially targets NFTs with setApprovalForAll()"

 

Explore This Case Further On Our Wiki

Beeple was an extremely successful NFT artist, with works selling for upwards of $69.3m in auctions. On May 22nd, 2022, his Twitter account was compromised and the attackers used their access to launch two separate phishing attacks on his followers, netting them a total of $438k. It does not appear that any of the funds have been recovered.

HOW COULD THIS HAVE BEEN PREVENTED?

This can be prevented through exercising care whenever interacting with any smart contract or making any payment. The user must ensure that they understand the transaction prior to sending any funds or approvals.

 

Check Our Framework For Safe Secure Exchange Platforms

NFT owners reminded to be vigilant after 29 Moonbirds were stolen by clicking a bad link - CoinTelegraph (Aug 23)
Targeted phishing scam nets $438K in crypto and NFTs from hacked Beeple account - CoinTelegraph (Feb 4)
Harry Denley (@sniko_) Initial Warning - Twitter (Feb 4)
Beeple (b. 1981), EVERYDAYS: THE FIRST 5000 DAYS | Christie’s (Feb 4)
dubstard - "IP 44.227.238.106 is such an innocent piece of infra, cleaner than melted glacier water" - Twitter (Feb 4)
sniko_ - "Bidding on @beeple "EVERYDAYS: THE FIRST 5000 DAYS" has reached $60 MILLION" - Twitter (Feb 4)
sniko_ - "Bad actors continue have access to Beeples Twitter account" - Twitter (Feb 4)
First Smart Contract "Fake_Phishing5739" - Etherscan (Feb 4)
Ethereum Transaction Hash - First Phishing Mint legalguy.eth - Etherscan (Feb 4)
Ethereum Transactions Information | Etherscan (Feb 4)
Ethereum Transaction Hash - Final Approval From First Phish - Etherscan (Feb 4)
Second Exploit Address "Fake_Phishing5741" - Etherscan (Feb 4)
Ethereum Transaction Hash - Final Phishing Transaction - Etherscan (Feb 4)
Ethereum Transaction Hash - First Transfer From Second Phish - Etherscan (Feb 4)
beeple - "ugh we’ll that was fun way to wake up" - Twitter (Feb 4)
Hellsegundo - "Dumbly I have clicked on the link and connected my wallet and been scammed" - Twitter (Feb 4)
nfactes - "lost 1 eth believing it was a real account" - Twitter (Feb 4)
super1said - "They dont Care bro. We are nobody" - Twitter (Feb 4)
Mike Winkelmann - Wikipedia (Feb 15)
Harry Denley (sniko_) Reporting Loss Total - Twitter (Feb 15)

Sources And Further Reading

More case studies

GM Studios Discord
Hacked savino910

Doodle NFT 5396 Phishing
Theft BTCRegister

 For questions or enquiries, email info@quadrigainitiative.com.

Get Social

  • email
  • reddit
  • telegram
  • Twitter

© 2019 - 2025 Quadriga Initiative. Your use of this site/service accepts the Terms of Use and Privacy Policy. This site is not associated with Ernst & Young, Miller Thompson, or the Official Committee of Affected Users. Hosted in Canada by HosterBox.