Previously, we reported about a shocking hack where a scammer stole a $4 million NFT collection by just taking a photo.
That case left us with many questions about the technical vector of the attack. The Trust Wallet conducted an investigation and revealed the scheme.
The day before the affair, the perpetrator shared the NDA file with the victim and requested KYC information. The fake NDA contained malware that targeted the smartphone.
The criminal then persuaded the victim to transfer funds from the multi-sig wallet to a single Trust Wallet to confirm NFT ownership and copied the information he needed.
The balance photo was just smoke and mirrors. But damn, this scheme deserves an episode in the new James Bond series.