CEO and co-founder of Cameo, Steven Galanis, hacked with attackers making off with over $200,000.
What Happened?
Steven Galanis, the CEO of the popular website and app Cameo, which allows fans to purchase customized videos from prominent figures, was hacked with over $200,000 in NFTs and cryptocurrency stolen.
On Saturday night Galanis Tweeted stating that one of his cryptocurrency wallets had been hacked. The attackers made away with Bored Ape #9012, 9,000 ApeCoin (APE) tokens, 3 plots of land on YugaLabs created Otherside, 2 Captains Club NFTs, and 1 Phanta Bear NFT. At current prices, the digital goods were worth over $200,000. However, at their peak, these items would have been worth around 2-3x more valuable at their peak.
The Bored Ape Yacht Club (BAYC) NFT was sold for $130,000 (77 WETH). Galanis had paid $319,000 for the NFT at the start of the year.
Galanis said that his iCloud had been compromised in some way by the hackers but offered few details. Earlier this year it was revealed that when using the MetaMask app on iPhone, a user’s recovery phrase (the 12-word metronomic) gets backed up to the iCloud linked to the device.
As the 12-word phrase linked to a user’s MetaMask can be used to restore the wallet to any device on the planet, this presents a serious security flaw. Oftentimes, people will create throwaway iCloud accounts when getting a new device. Naturally, this leads to security being a second thought presenting a weak spot that hackers can exploit.
With MetaMask on iPhone being one of the most widely used methods to access Web3 applications, it’s more important than ever to use a strong password on iCloud and follow crypto security measures to keep your assets safe. Digital attacks on crypto holders are becoming increasingly common so stay safe out there.