NFT influencer falls victim to cyberattack, loses $300K+ cryptopunks

The influencer appears to have authorized a malicious Dapp to transfer his tokens, leading them to be drained immediately.
The influencer appears to have authorized a malicious Dapp to transfer his tokens, leading them to be drained immediately.

NFT Influencer CryptoNovo announced on Jan 4. that they have fallen victim to a cyberattack and lost two cryptopunks. The post on Twitter says “I just got hacked!!! Are you kidding me!?!” and includes a screenshot from OpenSea displaying two cryptopunks being transferred to another address.

The two cryptopunks were immediately sold by the attacker, one for 70 ETH (worth an equivalent $88,434 at time of publication) and the other for 199 ETH ($251,404). This implies that CryptoNovo lost over $300K worth of cryptopunks in the attack.

The record of cryptopunk#4608 allegedly being transferred to the attacker’s wallet, moved to another wallet, and then sold for 199 ETH. Source: OpenSea

Numerous other NFTs were apparently taken from the influencer, including Meebits, CloneX, Mutant Ape Yacht Club, and Bored Ape Yacht Club items.

CryptoNovo’s iconic green-beanie-wearing punk, #3706, appears to have been saved from the attack, although the owner also appears to have sold the item. While the previously mentioned items went to a known phishing address, the cryptopunk #3706 was sent to a completely different address and sold for 75 ETH ($94,751). This address has also received items from thenovoverse.eth, an ENS domain that has itself received items from CryptoNovo’s official wallet address in the past. These facts may imply that the sale of this particular item was possibly done by the owner rather than an attacker.

Cryptopunk#3706. Source: OpenSea

CryptoNovo is an NFT influencer with over 18,000 Twitter followers . He is known for wearing masks that make him look like the green-beanie-wearing cryptopunk he first purchased in 2020.

A photo of CryptoNovo, whose true identity is unknown.

Although CryptoNovo claimed the attack was a “hack,” Twitter user @__proper has pointed out that this is more likely to have been caused by phishing. Just after the green beanie cryptopunk was transferred to a safe address, CryptoNovo made several token authorizations to an unknown smart contract. It is this contract that subsequently used the transferFrom function on various NFTs to move them from the influencer’s wallet. This implies that someone may have tricked him into authorizing a malicious Dapp to move his tokens.

Related: Magic Eden NFT service hacked, shows porn instead of correct images

Someone also appears to be impersonating CryptoNovo on Discord. 9 hours after the attack occurred, he posted an image of a Discord account that claims to be him, but which he says is a fake account.

Cryptopunks was one of the first “generative digital art” NFT collections or collections of art objects generated by an algorithm. It was released in June, 2017, and its individual units were given away to anyone who could pay the gas fees to mint them. Today, cryptopunks sell for an average price of over $1,000, according to nftstats.com.

The collection has inspired thousands of other generative NFT collections, including Bored Ape Yacht Club, Mutant Ape Yacht Club, Meebits, and others.