DeFiance Founder’s USD 1.76M Loss is a Lesson For NFT Investors
We believe in full transparency with our readers. Some of our content includes affiliate links, and we may earn a commission through these partnerships. However, this potential compensation never influences our analysis, opinions, or reviews. Our editorial content is created independently of our marketing partnerships, and our ratings are based solely on our established evaluation criteria. Read More
Ad Disclosure
We believe in full transparency with our readers. Some of our content includes affiliate links, and we may earn a commission through these partnerships. Read more
Founder of the cryptoasset fund DeFiance Capital, Arthur Cheong, has seen one of his hot wallets compromised, resulting in the loss of over 70 blue-chip non-fungible tokens (NFTs) worth over USD 1.76m. The incident is another stark reminder for all NFT investors to be extra careful – and less trusting – when it comes to their digital assets.
Known as Arthur0x, Cheong has speculated that the root cause for the exploit is “a spear-phishing email” he received that appeared to be from one of their portfolio companies.
“Found out the likely root cause for the exploit, it’s a targeted social engineering attack,” he said. “Received a spear-phishing email that really seems to be sent by one of our portco with content that seems like general industry-relevant content.”
Was being careless on this one since it comes from 2 seemingly legitimate sources.
— Arthur (@Arthur_0x) March 22, 2022
Once I open the file then I see the images below and then it proceed to the normal PDF document, didn't suspect what's wrong back then:https://t.co/i3bfHCMWYe
Echoing the same viewpoint, Adam Cochran, a crypto researcher and partner at the venture fund Cinneamhain Ventures, said Cheong’s computer might have gotten infected with a virus after opening a PDF pitch deck.
“Have had some cold email pitches in the past that virus scanners caught were compromised, so I always request people wrap stuff in docsend or something,” Cochran said, adding that this has become a “common attack vector for investors.”
Cochran noted that file extensions like PDFs, .docxs, .xlsx, and .jpeg, which are sometimes used for making pitch decks, are the most common risks, and there is even the possibility that a virus scan won’t be able to detect it.
On the other hand, it is safe to view files using uploaders like Google Drive and Docsend, which strip out macros and other underlying code, he added.
“Personally I only take decks that are on docsend or google drive. Sometimes github,” Cochran said, which also seems to be a good piece of advice for every NFT investor looking to pitch decks. “Even then, I open it in a stripped down browser on a secure machine that I don’t use for anything else,” Cochran said.
Direct connect to web on that one. Didn't feel the need to airgap as there is nothing on that device, it is only used as a document viewer. Even if it got compromised there is nothing to compromise.
— Adam Cochran (adamscochran.eth) (@adamscochran) March 22, 2022
Data by Etherscan shows that the hacker has stolen more than 70 NFTs from Cheong, including at least five CloneX NFTs and 17 Azuki NFTs.
As of now, the hacker’s wallet, which is marked as “Arthur0x Wallet Hacker” by Etherscan, holds ETH 585.4 (USD 1.76m). Notably, the hacker has not sold all the stolen NFTs. Therefore, the actual amount of stolen funds in US dollars is yet to be finalized.
____
Learn more:
– Texas Man Sues OpenSea Over Stolen NFT, Asks for Over USD 1M in Damages
– The 4th Largest Crypto Theft Shows DeFi Weakness as Hacker Nets USD 325M in a Wormhole
– BlockFi, Swan Bitcoin, Pantera Advise Users How to Stay Safe After Data Got Hacked in Hubspot CRM Raid
– Another Suspect in Ethereum’s DAO Hack Emerges, Putting Coin Mixing Under Question
– BitMEX Finally Welcomes Ethereum as Spot Platform Nears; Launching APE Perpetual Futures Market
– 6 NFT Use Cases That Will (Probably) Remain After the Hype Dies Down
- How Tether Co-Founder William Quigley Views Crypto Regulations in Trump’s Second Term
- Trump Appoints PayPal Veteran David Sacks as ‘White House AI and Crypto Czar’
- What’s Happening in Crypto Today? Daily Crypto News Digest
- Trader Explains Why XRP Could Skyrocket to $100 After Tristan Tate X Post
- US SEC Scales Back 50-Member Crypto Enforcement Team: Report






