US prosecutors have accused Soufiance Oulahya, currently in police custody in Morocco, of stealing cryptocurrencies and NFTs worth $450,000 from a victim in Manhattan by creating a fake OpenSea marketplace in 2021.
A statement from the United States Attorney’s Office for the Southern District of New York said the defendant illegally obtained the victim’s seed phrase through impersonation and used it to steal his digital art collection .
Oulahya stole four NFTs from the victim’s OpenSea account. These were each of the Bored Ape Yacht Club, Meebit, Bored Ape Kennel Club, and Crypto Dad series. In addition, the accused also stole cryptocurrencies from the victim’s compromised Manhattan wallet. The indictment states that the victim paid approximately $448,923 to obtain these digital assets.
“As alleged, Soufiane Oulahyane used a common cybercrime technique to steal victims’ cryptocurrency and NFTs. Identity theft is one of the oldest tricks in the criminal playbook. Oulahyane has adapted this old tool for use in a new and developing area – the crypto space,” attorney Damian Williams said in the statement.
According to the indictment, prepared by the US Department of Justice (DoJ) and the Federal Bureau of Investigation (FBI), Oulahyane used paid advertising on a popular search engine to lure the victim to the spoofed website. from OpenSea.
The moment the victim entered the seed phrase on the spoofed website, it was forwarded to an email id controlled by Oulahyane, who immediately accessed the former’s wallet and transferred the NFTs and cryptocurrencies in his wallet. Prosecutors did not name the victim or the search engine on which Oulahyane posted the ad.
Cyberattacks on the rise
Spoofing is one of many social engineering techniques where cybercriminals launch a malicious attack by tricking and convincing potential victims to click on links, reveal passwords, download attachments , etc.
In April 2022, a BYAC owner was cheated of BAYC #1584, MAYC #13168 and MAYC #13169 – worth $570,000 as part of a swap deal on the Swap Kiwi platform. The scammer used weak verification and anti-spoofing features in their checkmarks to create fake BAYC NFTS. But they were nothing more than photoshopped Jpegs.
In October 2022, the BNB chain suffered a security breach and compromised cryptocurrencies worth millions of dollars. While the freeze, recovery, and normalization was still ongoing, a new spoofing attack caused the network to suffer a loss of 60 ETH.
Binance Free $100 (Exclusive): Use this link to sign up and receive $100 free and 10% off Binance Futures fees for the first month (terms).
PrimeXBT Special Offer: Use this link to sign up and enter code CRYPTOPOTATO50 to receive up to $7,000 on your deposits.