New forms of stealing and scamming emerge every day on the internet, especially in the cryptocurrency sector. Now it is a fake PDF file that can empty the wallets of non-fungible token (NFT) creators, and other projects, according to security analyst Serpent.
One of the victims was an artist named Tarsius, who specializes in digital collectible art. The creator was contacted by an alleged client who asked him to do a job and for this, he sent him a sketch of what he wanted, story Serpent on the social network Twitter.
The artist received a ZIP file (lossless compression format) that was made up of a supposed PDF file with multiple images that illustrated what the prospective client wanted. Right after that moment, that’s when the nightmare began for Tarsius.
The file was not legitimate, actually it was an executable script disguised as a PDF file, with the extension (.scr). That script was the one executed a malicious code perpetrating the theft of NFTs and ether (ETH) that the artist had in his wallet.
“All of his NFTs were listed and sold, and all of his ETH was transferred to the scammer’s wallet,” Serpent explained.
Neither the artist nor Serpent revealed How much is stolen by the cybercriminal?
the key to the robbery
According to security analyst Serpent, it is a fake extension. The suspected cyber criminal renamed the file and added .pdf to the end, then changed the file’s icon to a PDF icon.
“It also spammed the file to exceed VirusTotal’s maximum file size of 650 MB,” Serpent said.
To avoid being scammed in this way, the specialist recommends not to download or open random files carelessly, as well as checking the file type and researching and studying basic web2 security.
As CriptoNoticias has reported, NFT platforms are also frequently victims of theft and fraud.
The company that created the Bored Ape Yacht Club (BAYC), has been the victim of several hacks. The last It resulted in the loss of several collectibles valued at 200 ethers, equivalent to USD 350,000.