In a recent incident, GutterCatGang, an NFT project, fell victim to a SIM swap attack, resulting in the theft of over $765,000 worth of nonfungible tokens. The breach occurred when hackers compromised the official GutterCatGang Twitter accounts and shared fraudulent links to deceitful “limited edition” NFT sneaker airdrops. Upon clicking these links, users’ hot wallets were drained.
The compromised Twitter accounts belonged to GutterCatGang co-founders @GutterMitch and @gutterric. To make the fake links appear authentic, the hackers incorporated recent GutterCatGang branding and imagery from the project’s collaboration with Puma and NBA/Charlotte Hornets star LaMelo Ball for a physical-digital sneaker drop.
Blockchain investigator ZachXBT suggested that the team was targeted through a SIM swap attack, criticizing their use of SMS-based two-factor authentication (2FA) on social media platforms. He emphasized the need for the team to compensate the victims, considering the recent surge in SIM swap attacks.
ZachXBT also highlighted two victims affected by the attack, with one losing a Bored Ape Yacht Club NFT valued at $65,913 and another suffering a staggering loss of $700,000 worth of NFTs from various blue-chip collections.
GutterCatGang co-founder @gutterdan_ provided an update, stating that they were working with Twitter to regain control of the compromised accounts. He expressed deep sympathy for those impacted and reassured them of their commitment to addressing the matter seriously. The project is collaborating with law enforcement to investigate the hack and security breach.
At the time of writing, the compromised GutterCatGang accounts remained under the control of the hackers. GutterCatGang, launched in 2021, features 3,000 unique NFT cartoon cat avatars, with the current floor price at 0.5 Ether (ETH), a significant increase from the initial minting cost.