According to Cheong, he became a victim of so-called targeted phishing through an email newsletter, as a result of which a virus was installed on his phone. The program found the LED phrases stored in the device from two Ethereum wallets and passed them to hackers.
Cheong also posted a screenshot of the email that allegedly became the source of the malware.
“I found out the probable cause of the exploit — this is a targeted attack. I received a phishing email that looked like it was sent by an employee of one of the companies in our portfolio, and containing seemingly relevant content. They are probably aimed at all people from the crypto industry.”
The cybersecurity company PeckShield noted that among the stolen assets are several dozen NFTs from the popular collections of Azuki, CloneX, Hedgies and Second Self. Hackers sold them on the OpenSea platform. In addition, the attackers appropriated various crypto assets, including wrapped ether, Lido DAO tokens and DYDX coins.
The total amount of stolen funds is 585 ETH (more than $1.75 million at the time of writing). According to Cheong, cryptocurrencies are still being withdrawn from wallets.
Earlier today, hackers, using an instant loan, hacked the OneRing Finance protocol. The losses of the project amounted to about $2 million.
A week before, cybercriminals using phishing emails