I Got Rugged 😭 Here's How to Avoid Web3 Scams

line

It happened to me: I got rugged earlier this year. A scammer stole my women and weapons #58 NFT.

Violet Summer

By Violet Summer

BY VIOLET SUMMER

star

August 19, 2022

AUGUST 19, 2022

star

Last updated October 27, 2022

Violet Verse Banner

Someone stole my Women And Weapons NFT, here's everything that went down so far.

Everything is great and futuristic until a bot steals your digital assets and there is nothing you can do about it. Except be more cautious next time on what you’re clicking on in the metaverse.

 The other week, I was buried in computer work because Art Basel took over my life. The week prior, I slipped. 😱 Turns out, burning the midnight oil is a bad quality unless you’re super alert. I got rugged and I felt very uneasy knowing something from me was stolen from and I couldn't do anything about it.

Here’s how I noticed I got rugged.

Here's what happened:One moment I was checking my MetaMask wallet to view what September Monster NFT I minted from Emily Lazar (a music NFT pioneer), when I noticed my NFT collection and ETH balance were drained! Upon further investigation into my wallet, I noticed a few unwarranted transactions associated with my wallet address on Etherscan.

 It didn’t take me long to find out I was rugged. 🤭😱 My Women and Weapons NFT I was transferred, was no longer in my possession. In less than minutes, the scammer bot transferred ownership to a burner wallet account! Someone had gotten hold of my SEED phrase.

Biggest tip: never *willingly* give out your seed phrase.

In a bear market, there’s a lot of phishing that goes on and it’s risky business. Even if it looks legit, always take a step back. Ask yourself: why is the computer asking to type a very important password? Storing your password in a 2-factor authenticated wallet are good practices to protect you and digital assets.


What foundation is under the rug?

Educate yourself and bookmark / screenshot the glossary on our site because for the next technology cycle will be an adventure.

The early days of Web 3.0 are going to see turbulence. There are risks associated with an industry that is in its infant stages. There are missing frameworks, the code is broken and needs mending. But the upward trend to Web3 is the trend, and crypto and smart contracts are here to stay. Bad actors will not continue to be rewarded in the space, as proof from the fiat rules & regulation. We're just going to learn how to play nice and collaborate on the blockchain.

Until then, there will be chaos.

If you’re reading this and are a bit confused, you probably already know about The Bored Ape Yacht Club, Crypto Punks, and other "blue chip" NFT collections are on the Ethereum network. They all went viral and have racked up thousands in ETH. $APE coin has a market cap of $1.6B at the time of publishing. People people spent less than $200 for a Jpegs now worth thousands of dollars.

Luckily the NFT I lost isn't worth that much, but tons of people get scammed from a day. Unlike reporting someone to the US Better Business Bureau, in crypto we don't


But what happens if you’ve already lost the ownership of the NFT due to misplay, what would be your next step? Is it to reclaim the ownership by making a purchase transaction again on the same smart contract? 

In my case, someone caught hold of my seed phrase to *one of *my Metamask wallets and is probably monitoring all the transactions that go in and out on Etherscan. 

It’s a game of strategy. My new new mentor / colleague, a.k.a. an Ethereum blockchain legend, is turning this hack into a full-on team mission. I’m leading content, obvi. We’ve already devised a plan to craft a flash bot and deploy a MEV. 

I know, this is all going over my head too, but stay with me because the skies are darkening and I don’t know what’s to come of it yet, other than FUD (fear, uncertainty, doubt).

WTF industry did I get myself into?

Fortunately, for me, this rug pull comes with minimal risks. My dear friend airdropped me the WAW #58 and the ETH that was stolen from my MetaMask wallet was earned online through the sales of my zine NFTs.

 Yet, it still hurt and I felt a bit violated to know that something had stolen from me under my own very own eyes. The feelings were comparable to the time someone rugged my Nike Jordan Sneakers from my house in North Philly when I was 14-years-old. The thief actually wore them around the neighborhood, which is how I found out about it! 

In the case of my WAW NFT, because the smart contract lives on a public ledger, I could track the wallet address on Open Sea and see it move through the Metaverse.

Here’s a roll up of what happened 😱

  1. Someone stole my NFT at 1 a.m. one morning. Here’s the Etherscan receipt.
  2. The thief was able to transfer .02 ETH into my wallet because I only had like $90 and gas fees and they needed more ETH to complete the transfer. I did not get notified that all of this was happening because MetaMask doesn’t have two-factor authentication.
  3. Once the thief was able to transfer out the Women in Weapons NFT, it was on this account. This is probably a burner account because there were like 20 NFTs from various addresses sitting pretty on this page. Now, there are two. And if you’re reading this way beyond the publishing date, there may not be any NFTs to see!
  4. This is the hacker’s wallet address. This person has over $100K of stolen funds.
  5. Another person I found also got their ETH rugged by the same thief. We are now friends on Twitter.
  6. Since then, I haven’t done anything with my defective ETH wallet address. I’m going to try and transfer out the $CABIN token and other NFT but I may just have to abandon it. The hacker is probably monitoring its activity.
  7. ApeWorX is now developing a special plugin and together we are traversing the dark forest. I don’t know what I’m getting into but just now, this NFT culture is not for the faint of heart.

To dive deeper into the crypto metaverse, read about the intricacies of a white hat hacker on a mission to save $125 Million from danger in Escaping the Dark Forest. Or join our Discord to learn more tips about avoiding Web3 scams!


**Disclaimer: Nothing on the Verse should be taken as financial advice. Please do your own research. $VV utility reflects engagement on the protocol, accessing token-gated content and community events.


line

More From

line
line

More From

line

Tech