Cybercriminals posing as IT technicians successfully infiltrated several NFT and Web3 projects, stealing approximately $1 million in a few days. Their modus operandi: exploiting internal access to falsify massive mintings and empty digital vaults.
Infiltration via fake IT profiles
- The hackers penetrated technical teams by posing as legitimate employees, thus gaining privileged access to the projects' minting systems.
- Once inside, they generated excessive quantities of NFTs, which were sold immediately, causing the value of the collections to drop to zero.
Mechanism and fund leakage
- The stolen amounts were then transferred via exchanges and multiple wallets to hide their trail.
- In some cases, the funds sat idle in dormant wallets, making their final destination difficult to trace.
Opportunities and Threats
Opportunities:
- Strengthened security: Web3 projects are encouraged to implement stricter access controls and increased internal oversight.
- Adoption of internal audits: The case encourages the adoption of more rigorous audits and verification processes to prevent this type of abuse.
Threats:
- Shattered trust: Users and investors may be reluctant to participate in NFT projects without strong security guarantees.
- Repeated attacks: If these techniques become popular, other protocols could suffer similar intrusions via fake IT profiles.
Conclusion
This attack demonstrates how vulnerable Web3 environments are to internal manipulation. Fake insiders represent a serious threat: to prevent future losses, teams must strengthen their governance and adopt more robust protocols. User trust depends on the teams' ability to manage these risks.