The crypto industry has seen another hack attack that resulted in a large amount of money being stolen.
The hacker or hackers attacked the official Twitter account of Gutter Cat Gang — a popular collection of NFTs on the Ethereum network.
The hacking of the account belonging to the co-founder of the project resulted in an estimated loss between $750,000 and $900,000.
The exact amount that was stolen is still up for debate, as the hacker stole at least 87 NFTs from 16 different users.
One Address lost as many as 36 NFTs, including a Bored Ape piece, which sold in September 2021 for $125,000.
Since the value of NFTs is subject to change, experts are still debating how much the hacker actually stole by getting away with the digital artwork.
at least one of attacker’s wallets he has since sold stolen assets for $640k, according to AegisWeb3.
What happened?
The attacker used Twitter last Friday, July 7, to promote a public airdrop of the legitimate Gutter Cat Gang collection called GutterMelo.
The collection was released at the end of June, and the hacker posted a link to the airdrop, which was fake.
Those who clicked on it had their wallets emptied of their assets without receiving anything in return.
Immunefi’s Adrian Hetman commented on the matter, stating that the victim often interacts with malicious contracts in cases like these.
They are required to give their approval to the contract and allow you to spend the tokens on behalf of the user.
After that, the hacker who controls the contract gets the authority to transfer even the NFTs of the users as they wish.
About two days after the attack, the Gutter Cat Gang Twitter explained the situation and expressed remorse for the incident.
The account owner said they are working with authorities to try to identify the attacker while also taking steps to prevent something like this from happening again.
However, to the disappointment of fans, there is currently no mention of trying to compensate victims for their losses.
The Gutter Cat Gang team claims that the account was properly protected
Many have also raised concerns about the security of the Gutter Cat Gang account. The account owner claims to use multi-factor authentication and other security measures, though it’s unclear what they include.
Twitter offers three options: authentication via the app, SMS, or a dedicated key. According to cybersecurity expert James Bore, app-based authentication is generally considered the most secure option.
He added that apps like Microsoft Authenticator, Google Authenticator, or Authy tend to be the most effective since the code is never transmitted over networks.
