How Jay Chou’s NFT was stolen by hackers on April Fool’s Day

On April 1, 2022, Jay Chou posted on Instagram that the BAYC #3738 NFT he held has been stolen!


Nani? ? Dare to steal the digital collection of the Chinese King? When everyone thought it was a joke, the hacker had already transferred and sold Jay Chou’s NFT.


How did April Fool’s hackers target Jay Chou’s NFT? How did it turn around? Although the process is simple, this NFT anti-theft tip may be suitable for Jaylen

How was Jay Chou’s NFT transferred?

It is understood that the NFT was presented by Huang Licheng in January this year.

After the inspection of the Chengdu Lianan technical team, it was found that Jay Chou signed the authorization transaction with the wallet address starting with 0x71de2 at around 11:00, and granted the NFT permission to the attacker wallet starting with 0xe34f0. Realize that your NFT is already at risk.

In just the past few minutes, the attacker transferred the BAYC #3738 NFT to his own wallet address at 11:07.


However, the hackers seemed to have their eyes on the Chinese pop king, and then stole 1 MAYC and two Doodles held by Jay Chou.


After the attacker succeeded, he sold the stolen NFT on LooksRare and OpenSea, and obtained about 169.6 ETH.


At present, the funds remain at the address starting with 0x6E85C. In this way, Jay Chou’s NFT was profited by hackers.


The editor wants to say, Brother Jielun, if you steal it, you will steal it, so let’s prepare a new album.

What are the risks of NFTs?

In previous articles, we have pointed out that the current risks of NFTs can be roughly divided into two categories:

One is the authorization problem of NFT itself (NFT holders can authorize other addresses as agents), which may cause NFT permissions to be hijacked due to the misoperation of NFT holders (mainly phishing websites and insecure interface calls at the wallet level) ;

The second is the external risks introduced by NFTs participating in the DEFI system, such as the security risks brought by the NFT pledged mining contract itself, which is basically the same as the conventional DEFI risks.


In addition, we also need to guard against various fraudulent methods:

For example, scammers will privately message you links to fraudulent websites through Discord, or send fake transaction links to induce you to click. In addition, scammers will induce users to send their private keys or mnemonics to themselves through various means, so be sure to protect your private keys and mnemonics.

These fraud prevention guides you need to know

In addition to being alert to NFT hype, it is also necessary to guard against various NFT scam routines. The number and scope of NFT-related scams have also exploded in the past year, and everyone needs to take more precautions.


Pay attention to the identification of genuine and fake websites

Be sure to watch out for fake sites, especially phishing sites. Do not authorize lightly! Do not authorize lightly! Do not authorize lightly

Do not reveal private keys or mnemonics

Protect your private key and mnemonic phrase and do not disclose it. Once leaked, your digital assets are likely to be at risk.

Cancel wallet authorization in time

If you have authorized the wallet on the fraudulent website, you can promptly go to the following two addresses to check the wallet authorization and cancel it in time:

Posted by:CoinYuppie,Reprinted with attribution to:
Coinyuppie is an open information publishing platform, all information provided is not related to the views and positions of coinyuppie, and does not constitute any investment and financial advice. Users are expected to carefully screen and prevent risks.

Like (0)
Donate Buy me a coffee Buy me a coffee
Previous 2022-04-01 23:45
Next 2022-04-01 23:46

Related articles