NFT thief returns 88 ETH ($368,000) after stealing from CreatureToadz NFT thief returns 88 ETH ($368,000) after stealing from CreatureToadz

NFT thief returns 88 ETH ($368,000) after stealing from CreatureToadz

After the identity of a hacker was unraveled, he chose to return 88ETH he had stolen from an NFT project.

NFT thief returns 88 ETH ($368,000) after stealing from CreatureToadz

Photo by Austin Santaniello on Unsplash

Creature Toadz NFT project suffered a theft of around $340,000 when a hacker, posing as a moderator, convinced community members to send 88 ETH to an address he controlled yesterday. However, in a surprising turn of events, he returned all of the stolen assets to the project.

Hacker defrauds Creature Toadz community members of $340,000

The hacker, whose username was revealed to be HEERR on Twitter, was able to hack into the Discord server of the project using a Webhooks vulnerability present on the social media site to hijack the channel.

They then proceeded to pose as a moderator of the project before asking unsuspecting community members to โ€œstealth mintโ€ Creature Toadz via a web link.

Before the members could deduce that this was a fraud, they had collectively sent 88ETH which translated to roughly $368,000 to the hackerโ€™s address. The Creature Toadz NFT team revealed that their channel was compromised for close to 45 minutes.

While the hacker later returned all of the stolen funds to the team behind the project, his intentions are being questioned as some have placed him in the same class as the hacker who hacked Poly Network but later returned the fund.

On the other hand, some community members of the project believe he only returned the stolen funds because his identity was unraveled by an analyst who was also a community member of the project.

How his identity was unraveled

An anonymous NFT analyst, OKHotShot, trailing the hackerโ€™s Ethereum transaction history was able to deduce that the hacker was HEERR who claimed to be โ€œa 17-year-old high school studentโ€ and that the hack was only meant to be โ€œa joke.โ€

The above was revealed during a discussion held on Twitter by Andrew Wang and the Creature Toadz community where the hacker publicly claimed responsibility for the hack. It was during this discussion that OKHotShot beseeched the hacker to return the stolen funds to the team.

After the session, the hacker returned the funds to the Creature Toadz team who have chosen not to press charges against the attacker.

Posted In: , Hacks, NFTs