January 17th, 2023
In January 2022, NFT God posted a Twitter thread describing an account takeover (ATO) attack. After compromising their machine, the attacker was able to not only steal their digital assets but also take over several accounts for use in phishing attacks.
The attack on NFT God began with an attempt to download Open Broadcaster Software (OBS), which is free, widely-used software for recording videos and streaming. After Googling for OBS, they selected a sponsored link at the top for downloading the software.
However, this download link led to a phishing site rather than the true OBS site. When launching the installer, nothing appeared to happen. In the background, the malicious installer installed malware on the system.
Over the next several hours, NFT God discovered that multiple accounts were compromised by the attacker, including blockchain accounts, Twitter, and Substack. In the end, NFT God lost NFTs and cryptocurrency, and they also had to spend several hours doing damage control, deleting scam messages, and warning people about phishing links sent from their accounts.
NFT God suffered an account takeover attack that was made possible by a malicious download.
Some security best practices that can help protect against these types of attacks in the future include the following:
ATO attacks like the one suffered by NFT God are only one of several potential threats to blockchain wallet security. To learn more about how to secure your digital assets, check out our blog on the Top 10 Ways to Secure Your Crypto Wallet.