Title: The Tale of a Near $100M Cryptocurrency Theft
Once upon a time, there was a visionary known as Thomasg.eth. He aspired to create a decentralized air transport system in a distant realm called Web3—an open-source vertical take-off and landing (VTOL) aircraft and air taxi protocol.
Despite the seeming impossibility of his dreams, he dedicated himself to their realization, rallying a community of like-minded individuals in a secret space on Discord. However, fate had other plans. He possessed a staggering fortune of $125 million in his .eth wallet, attracting the attention of malevolent forces lurking in the shadows, driven by greed. These dark entities aimed to exploit his ambitions to access his wealth.
Today, we recount the story of this nearly $100 million cyber heist, but from the perspective of the attackers, revealing the cunning strategies they employed in their sinister scheme.
Sush?
And so, the narrative unfolds...
Somewhere on this planet resided an individual who was not short on funds, with at least 100 ETH sitting idle. Yet, their desire for more was insatiable. Perhaps they stumbled upon the tale of Thomasg.eth through rumors or were actively scouting for a new target; they quickly identified him as the ideal victim.
They crafted an intricate plan designed to bring Thomas to ruin. With his ambitious vision, he was the perfect mark for a socially engineered scam—almost too easy to execute!
To ensure their success, the attackers adhered to three fundamental principles of social engineering:
- KYV (Know Your Victim): Understanding the victim's vulnerabilities.
- Custom Personas: Creating tailored identities to appeal to the victim.
- Believable Scenarios: Developing convincing, highly persuasive narratives.
First, they researched Thomas’s project and its requirements, identifying a means to subtly breach his defenses and earn his trust. Instead of a single persona, they decided to craft two distinct identities. In the world of Web3, skepticism is common. Thus, a direct approach wouldn't suffice; they needed to be creative and strategic.
Once they mastered the necessary tactics and assembled the tools for their deceitful endeavor, it was time to weave their web of lies.
INITIATING CONTACT & BUILDING TRUST
For two weeks, they relied on a single psychological strategy: building trust through gratitude. By fostering a sense of indebtedness, they flipped the roles, making Thomas feel he was the one seeking favors and consequently nurturing trust.
Why? Because when one finds themselves in that position, they are less likely to suspect they are being scammed—they're on the “receiving end.”
This is how they executed this tactic with Thomas:
1. Persona #1 “Heckshine” Reaches Out to Thomas
The scammer pinpointed a need: Thomas's project sought a versatile 3D artist, and voilà—Heckshine appeared. He not only showcased moderate talent but also exuded an infectious passion for his work, offering his services for free. Heckshine was the perfect assistant, always ready to tackle any task with a cheerful disposition.
> Personas in romance and friendship scams are often crafted similarly, appearing as the ideal individual—generous, kind, and devoted!
The brilliance of Heckshine's persona lay in its design: it was built not to ensnare Thomas directly but to establish trust in preparation for the second persona. For two weeks, Heckshine would go above and beyond, yet his only real task was to introduce the second persona, who would ultimately lay the trap.
At no point would Heckshine be linked to the scam.
Brilliant, right?
2. Enter Persona #2
As previously mentioned, Heckshine introduced the second persona in his initial message, and she turned out to be no ordinary individual. She claimed her brother-in-law was the Chief Security Officer at Boeing and was instrumental in a deal with Wisk, a company specializing in flying taxis. She also held a significant role in a prominent Metaverse project focused on VTOLs and space travel.
What a coincidence!
The same day Heckshine made contact on Discord, he wasted no time mentioning “Linh,” the second persona, in private messages with Thomas.
3. Cultivating an Asymmetric Relationship
As you can see, Heckshine effortlessly connected the two. Linh was so well-designed that she naturally played her part, putting Thomas in a position where he felt compelled to connect with her, establishing an asymmetric relationship—he would be the one asking for favors while she would be the giver.
To deepen this asymmetry and reinforce the power dynamic, Thomas was required to demonstrate his commitment to Linh by sending her an email outlining his project.
In her response, Linh aimed to exhibit her knowledge and insight into Thomas’s situation, implying that her involvement could bring his dreams to fruition. She briefly mentioned her project, “Space Falcon,” which was, unbeknownst to Thomas, a trap designed to siphon his assets.
The following day, their discussion shifted towards how to develop Thomas’s company, showcasing Linh’s expertise. As she continued to highlight her impressive project, Thomas felt compelled to support her initiative.