NFT Investor ‘Bun’ Got His Hot Wallet Drained After Clicking A Fraudulent Link

Updated: 20 December 2023

Disclosure

Don’t invest unless prepared to lose all the money you invest. This is a high-risk investment, you shouldn’t expect to be protected if something goes wrong.

Join Our Telegram channel to stay up to date on breaking news coverage

The non-fungible token market has gone green again after a market downslide of more than one year. Unfortunately, the NFT market resurgence has attracted scammers and hackers, with scam attacks reported more than twice every week. In yet another phishing attack, scammers have drained a hot wallet belonging to NFT influencer Bun.

NFT Investor Bun Got His Hot Wallet Drained

In a December 20 blog post, Bun, a renowned software engineer and non-fungible token influencer, confirmed that his hot wallet was drained after accidentally clicking a fraudulent Frame airdrop link. Bun has urged all crypto and NFT investors to remain vigilant this season.

I’m an idiot and got my hot wallet drained after clicking a bad Frame airdrop link.

Be careful y’all. 🥺 pic.twitter.com/jzN19uWAYX

— Bun (@dirtybuns) December 19, 2023

Based on a screenshot Bun shared, some of the stolen non-fungible token collections include Valhalla #3454, Kagami #328, Cool Cat #939, Kagami #92, Cool Cat #9656, Cool Cat #3120 and Cool Cat #3811. Other stolen NFTs include several more Kagami and Cool Cat NFTs.

The incident appeared a few hours after another group of scammers swept 237 NFT collections in a phishing attack. Yesterday, Peckshield, the blockchain security firm, confirmed that scammers have just stolen 237 non-fungible token collections. The NFT collection stolen includes at least 85 0XLBOTS NFTs and 152 Cypherpunks NFT collections.

Last week, Ledger, the company that makes physical crypto wallets that look similar to USB drives or other storage devices, saw its Ledger Connect Kit mobile software compromised, leading to hundreds of dollars being drained from users’ wallets. The hack left over $600,000 worth of crypto drained.

🚨 We've detected a potential supply chain attack on ledgerconnect kit 🚨
The attacker injected a wallet draining payload into the popular NPM package.
This currently affects a couple of popular dapps including but not limited to https://t.co/2QJmKIGv9T

— Blockaid (@blockaid_) December 14, 2023

In related reports, another group of scammers has stolen four NFT collections on the Blur NFT market platform in a phishing attack. According to Peckshield, stolen NFT collections include Mutant Ape Yacht Club #23160, Cool Cat #6317, and Invisible Friends #1548.

#PeckShieldAlert #Phishing #NFT #MutantApeYachtClub #23160, #CoolCats #6317, #InvisibleFriends #1548 and #2040 have been stolen by #Fake_Phishing187019 on #Blur pic.twitter.com/gFvVkhgJCx

— PeckShieldAlert (@PeckShieldAlert) December 20, 2023

Tips On How You Can Protect Your NFTs

Hacks and scams have become an inevitable part of the non-fungible token ecosystem, with nearly all top crypto influencers, founders, and crypto project heads emerging victims at some post in their crypto lives. This menace called scam has to stop. Below, we listed some of the tips you can use to safeguard your NFTs:

1. Phishing scams

Phishing is one of the most common scams. This occurs when attackers send malicious links on various applications and platforms, including Discord, Telegram, Whatsapp, Facebook, and Instagram. The link often brings the victim to a fake NFT minting page containing a smart contract, allowing the scammer to drain the victim’s wallet if signed.

NFT collectors can safely avoid this type of menace by simply avoiding clicking on suspicious links, attachments, or pop-ups. Crypto users are advised always to verify URL domain names, email addresses, and social media handles to ensure authenticity. Moreover, they should keep their seed phrase, credentials, or private keys private from others.

2. Plagiarized Listings

In most cases, fraudsters create fake websites resembling popular NFT marketplaces or minting sites, purporting to be a legitimate project’s official home, draining their funds. In this case, traders are advised always to confirm verified accounts, identities, and website URLs of NFT marketplaces.

3. Exits scams “Rug Pulls”

Rug pull is a form of crypto scam where the fraudsters raise funds, commonly through NFT mints, and take off with the money (also known as “rug pull”) without any attempt to develop the project. In this case, investors are advised to thoroughly research the background of the teams behind NFT projects on social media platforms like Linkedin and Twitter.