Analysis: how was Jay Chou's NFT stolen by hackers?

Chengdu Lianan 2022-04-03 14:49:09 阅读数:474

analysis jay chou nft stolen

2022 year 4 month 1 April Fool's Day Jay Chou is in Instagram It is said in the document that BAYC#3738 NFT It has been stolen !


what ?? Dare to steal the digital collection of the Chinese language King ? When everyone thought it was a joke, hackers had taken Jay Chou's NFT Turn away and sell


How did hackers target Jay Chou on April Fool's Day NFT Of ? How to turn away ? Although the process is simple, this NFT Anti theft tips may be good for Jay

  Jay Chou's NFT How to be transferred ? 

according to the understanding of , The NFT In this year 1 This month is presented by Huang Licheng .

After the inspection of Chengdu chain security technical team , Found that Jay Chou will 0x71de2 The wallet address at the beginning is 11 Signed the authorization around 10:00 (approve) transaction , take NFT Permission granted to 0xe34f0 The attacker's wallet at the beginning , Maybe Jay didn't realize his NFT, Already at risk .

Just the last few minutes , The attacker is 11:07 Boring ape BAYC #3738 NFT Transfer to your wallet address .


however , Hackers seem to be eyeing the Chinese pop king , Then take Jay Chou's 1 gold MAYC And two Doodles Also steal .


When the attacker succeeds , stay LooksRare and OpenSea The Admiral stole NFT Sell out , Get an appointment 169.6 ETH.


At present, the funds remain in 0x6E85C At the beginning of this address , That's it , Jay Chou's NFT Profit from hackers .


Xiaobian wants to say , Jerungo , If you steal, you steal , Get ready for your new album .

 NFT What are the risks of ?  

In previous articles , We have pointed out that , at present NFT The risks can be roughly divided into two categories :

One is NFT Its own authorization (NFT The holder may authorize other addresses as agents ), Possible cause NFT Wrong operation of the holder , Lead to NFT Permission hijacked ( Mainly phishing websites 、 Unsafe interface call at wallet level );

Two is NFT Participate in DEFI External risks introduced after the system , Such as :NFT The security risk brought by the pledge mining contract itself , This part is different from the conventional DEFI The risks are basically the same .


besides , We also need to guard against all kinds of fraud :

For example, swindlers will pass Discord Private letter you swindle website links , Or send fake transaction links , Induce you to click . besides , Swindlers will induce users to send private keys or mnemonics to themselves through various means , So be sure to protect your private key and mnemonics .

  These anti fraud guidelines you need to know  

In addition to vigilance NFT Beyond the hype , We also need to guard against all kinds of NFT Scam routine , Last year and NFT The number and scope of related fraud have also increased explosively , We still need to take more precautions .


  Check the website for authenticity   

Be sure to pay attention to fake websites , Especially phishing sites . Don't delegate ! Don't delegate ! Don't delegate !

  Don't reveal private keys or mnemonics  

Protect your private key and mnemonics , Don't let it out . In case of leakage , Your digital assets are likely to be at risk .

  Cancel wallet authorization in time  

If you have authorized your wallet on a fraud website , You can go to the following two addresses in time to check the wallet authorization and cancel it in time :

版权声明:本文为[Chengdu Lianan]所创,转载请带上原文链接,感谢。