The co-founder of metaverse game engine Web3 "Webaverse" has revealed that they fell victim to a $4 million crypto hack after meeting scammers posing as investors in a hotel lobby in Rome.
The strange aspect of the story, according to co-founder Ahad Shams, is that the crypto was stolen from a newly created Trust Wallet and that the hack took place during the meeting at some point.
He claims that the crooks could not have seen the private key, nor was he connected to a public WiFi network at the time.
The thieves were somehow able to gain access while taking a photo of the wallet balance, Shams believes.
the letter that was shared on Twitter on February 7, contains statements from Webarverse and Shams, explaining that they met with a man named "Mr. Safra" on November 26 after several weeks of discussions about possible funding.
"We connected with 'Mr. Safra' via email and video calls and he explained that he wanted to invest in exciting Web3 ventures," Shams explained.
โHe explained that he had been scammed by people in crypto before, so he collected our IDs for KYC, and made it a requirement that we fly to Rome to meet him because it was important to get to know the IRL to 'feel comfortable' with who we are. with whom each was doing business,โ he added.
full story https://t.co/vdkAHyBaG9
โ 0xngmi (aggregator arc) (@0xngmi) February 6, 2023
While initially "skeptical," Sham agreed to meet "Mr. Safra" and his "banker" in person in a Rome hotel lobby, where he would later show "proof of funds" for the project, which according to the Mr. Safra was his requirement to start the "paperwork".
โAlthough we reluctantly agreed to the Trust Wallet 'trial', we created a new Trust Wallet account at home using a device we didn't primarily use to interact with them. We thought that without our private keys or seed phrases, the funds would be safe anyway," Shams said.
However, it turns out that Sham was dead wrong:
โWhen we first met, we sat across from these three men and transferred 4 million USDC to Trust Wallet. Mr. Safra โasked to see the balances in the Trust Wallet application and took the phone from him toโ take some photos โ.
Shams explained that he thought it was okay because no private keys or seed phrases were revealed to "Mr. Safra."
But after "Mr. Safra" took a photo and left the meeting room to consult with his banking colleagues, the crew disappeared and Shams watched as the funds were siphoned off.
"We never saw him again. Minutes later the funds left the wallet.
Almost immediately thereafter, Shams reported the theft to a local Rome police station and, a few days later, filed an Internet Crime Report (IC3) form with the US Federal Bureau of Investigation (FBI).
Shams said he still has no idea how โMr. Safraโ and his scam team committed the exploit:
โThe interim update from the ongoing investigations is that we cannot yet confidently establish the attack vector. The researchers have reviewed the available evidence and have engaged in lengthy interviews with the relevant people, but more technical information is needed for them to draw conclusions with confidence."
โSpecifically, we need more information from Trust Wallet regarding activity on the wallet that was emptied in order to reach a technical conclusion and we are actively seeking them out for their records. This is likely to give us a better picture of how this happened,โ she added.
Cointelegraph contacted Shams and he confirmed that he was not connected to the hotel lobby WiFi when he disclosed the funds in his Trust Wallet.
Related: Just get phishing scammers out of your way
The Webaverse co-founder believes the exploit was carried out in a similar way to a NFT scam story Shared by NFT entrepreneur Jacob Riglin on Jul 21, 2021.
There, Riglin explained that he met potential business partners in Barcelona, โโproved that he had sufficient funds on his laptop, and then within 30-40 minutes the funds were depleted.
NFT Scam Full Story;
Following the response to my previous tweets about the $90,000 scam I was involved in, I wanted to share more details to help warn others of falling victim to it.
I was contacted by Philippe Maloof of Canbury Properties Limited. He said that he had a
โJacob (@jacobriglin) July 21, 2021
Shams has since shared the Ethereum-based transaction where his Trust Wallet was exploited, noting that the funds were "quickly split into six transactions and sent to six new addresses, none of which had any prior activity."
$4 million worth of USDC was almost entirely converted to Ether (ET), wrapped-bitcoin (wBTC) and binding (USDT) through the 1-inch interchange direction function.
Shams admitted that "the event haunts me to this day" and that the $4 million exploit is "certainly a setback" for Webaverse.
However, he stressed that the $4 million exploit and the pending investigation will have no impact on the company's near-term commitments and plans:
"We have a sufficient track of 12 to 16 months based on our current forecasts and we are well on track to meet our plans."
Cointelegraph has also reached out to Trust Wallet for comment.
Post navigation
