Ozzy Osbourne's NFT Project Shared a Scam Link, and Followers Lost Thousands of Dollars (theverge.com)

Two days after Ozzy Osbourne's NFT collection was minted, supporters were being targeted by a phishing scam that drained cryptocurrency from their wallets, "playing off a bad link shared by the project's official Twitter account," reports The Verge. From the report: Like the majority of NFT projects, CryptoBatz uses Discord as a place to organize its community. The official CryptoBatz Discord is now accessed through the short link discord.gg/cryptobatz. But previously, the project used a slightly different vanity URL at discord.gg/cryptobatznft. When the project switched to the new URL, scammers set up a fake Discord server at the old one. But neither CryptoBatz nor Ozzy Osbourne took the precaution of deleting tweets referencing the previous URL, meaning that old tweets from Osbourne himself were left directing followers to a server now controlled by scammers.

One tweet from CryptoBatz, posted on December 31st, 2021, received more than 4,000 retweets and hundreds of replies. The tweet was only removed on January 21st after CryptoBatz was contacted by The Verge. On clicking the scam link, the invite panel for the fake Discord showed the total number of members as 1,330, an indication of the number of people who could potentially have been fooled by the scam. Inside the server, a bot spoofing community management service Collab Land asked users to verify their crypto assets to participate in the server -- but directed users to a phishing site where they were prompted to connect their cryptocurrency wallets.

Tim Silman, a nonprofit employee, is one person who lost money through the scam. Silman estimates that around $300–400 in ETH was drained from his wallet after he visited the fake Discord server through a link posted on the CryptoBatz website. [...] An Ethereum wallet address Silman indicated was linked to the scammers had received a series of incoming transactions totaling 14.6 ETH ($40,895) on January 20th and sent it onwards to a wallet containing more than $150,000. The project had been slow to remove the bad links, even when informed, Silman said. Even as the fake link remained present in a prominent tweet, the CryptoBatz project continued to hype the public token mint. As of January 21st, CryptoBatz NFTs were being resold on OpenSea for around 1.8 ETH ($5,046).
Sutter Systems, developers of the CryptoBatz NFT, laid blame for the scam squarely with Discord. "In our opinion this situation and hundreds of others that have taken place across other projects in the NFT space could have easily been prevented if Discord just had a better response/support/fraud team in place to help big projects like ours."
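For a project retiring an invite URL, the cleanup the report says was skipped can be audited mechanically. The sketch below is an added example, not code from The Verge, CryptoBatz or Discord: it scans an export of a project's own posts for Discord invite links whose full code is not on the current allowlist. The post data is constructed, and treating invite codes as case-insensitive is an assumption of this example.

```python
import re

# From the article: the only invite code the project currently controls.
CURRENT_INVITES = {"cryptobatz"}

# Matches discord.gg/<code> and discord.com / discordapp.com /invite/<code>.
INVITE_RE = re.compile(
    r"(?:https?://)?(?:www\.)?"
    r"(?:discord\.gg|discord(?:app)?\.com/invite)/"
    r"([A-Za-z0-9-]+)",
    re.IGNORECASE,
)

def stale_invites(posts, current=CURRENT_INVITES):
    """Return (post_id, code) for each invite link whose whole code is not current.

    The whole code is compared, never a prefix: the retired URL
    discord.gg/cryptobatznft contains the current discord.gg/cryptobatz,
    so a substring check would wave the stale link through.
    """
    # Assumption: codes are compared case-insensitively.
    allowed = {code.lower() for code in current}
    findings = []
    for post_id, text in posts:
        for match in INVITE_RE.finditer(text):
            code = match.group(1).lower()
            if code not in allowed:
                findings.append((post_id, code))
    return findings

# Constructed sample export of a project's own posts (id, text).
SAMPLE_POSTS = [
    ("p1", "Join us at discord.gg/cryptobatznft before the mint!"),
    ("p2", "New home: https://discord.gg/cryptobatz"),
    ("p3", "Mirror: https://discord.com/invite/CryptoBatzNFT."),
    ("p4", "No links here."),
]

if __name__ == "__main__":
    for post_id, code in stale_invites(SAMPLE_POSTS):
        print(f"{post_id}: references invite '{code}' (delete or correct)")
```

Running the same check over the project website and pinned messages covers the other place the report says the old link appeared.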
  • by bloodhawk ( 813939 ) on Friday January 21, 2022 @06:28PM (#62196003)
    A fool and their money are soon parted, just as true in the virtual space as it is in the real world, if anything it is even more likely in the virtual space.
    • I feel bad for people who lose money to scammers but not as much as I should for these types of unsecured transactions. It's bad enough in stocks or trades where your financial future is at the whim of the market. This is just a whole other level of crazy. Someone is going to make money on this and it isn't your everyday Joe.
      • by kmoser ( 1469707 )

        This is just a whole other level of crazy.

        Yes, they're going off the rails on a crazy train.

  • ... from an old pigeon eating rocker.

  • CryptoBatz has shown negligence here. Lawyer up, cunts. Other than that, hahaha suck eggs losers.
  • Maybe when the pandemic is done we can repurpose all the coronavirus dashboards and trackers to instead track crypto currency and NFT scams. Or is a system that tracks the spread of a virus through the entire global population not sufficiently large enough to manage them all?

  • It seems that the common denominator with all the NFT scams is Discord. Discord was used to share info about the NFTs, and in some cases exploited. Perhaps a strengthening of security on Discord servers would be a good idea, or perhaps some way to authenticate the admins to the users.
    • There is absolutely nothing that would give any even slightly tech-savvy person the impression Discord is a secure environment - quite the opposite. Anybody can launch any number of servers, those servers are then managed by one or any number of other people they give permissions to, a wide range of media types can be linked to and from using embedded links, even users can invite other individuals, and there aren't really any built in tools to manage that fur ball of user access control. And all of that inc
  • Sorry (Score:4, Insightful)

    by jd ( 1658 ) <`imipak' `at' `yahoo.com'> on Friday January 21, 2022 @07:05PM (#62196097) Homepage Journal

    The fact is that you can't assume competence by those you obtain services from. Why should they be competent? 'Nobody ever got fired by buying IBM', so the story goes, so it really doesn't matter to the IBMs of the world if they do a good job or not. They still get customers, still get advertisers, still get users. It's why Microsoft can sell OS' that have security holes by the thousands to government agencies, banks and high-end corporations. They don't need to do a good job, it simply won't impact the bottom line. It never has, it never will, no matter how much money people lose.

    Same reason one corp I worked for got a line leasing agreement from MCI, MCI violated the terms and the corporation simply let it slide - because contract terms don't mean a damn thing and both sides knew that going in. It would cost the corporation too much money to find an alternative, too much time to switch over, and too much prestige to admit failure. So MCI didn't have to honour anything and they'd still get their money. Even if the corp did eventually switch, one deal amongst millions is peanuts and no new customer would be deterred just as the corp wasn't by MCI's already uncertain reputation at that time.

    The rule of business, though, is not about doing the right thing, it's about not getting the blame. Outsourcing is about blaming others for your mistakes and incompetence. Always has been. That's why nobody ever got fired for buying IBM. Has nothing to do with IBM being any good, it has to do with IBM being someone management could blame when things go south, thus protecting management for not taking anything seriously.

    No, this is all common knowledge. Ozzy's tech crew knew they should have secured things, that they should never trust an organization with nothing to lose to always do the right thing, but by having Discord do all the dirty work, Ozzy's techs could rest easy in the knowledge that when something went wrong (and that's inevitable), then it's somebody else's problem, not theirs. And that's how this game has always been played.

    Which is why so much goes wrong in technology. If nobody takes responsibility, then nobody has to ensure the right thing is ever done and nobody has to fix the problems when the wrong thing is done.

    It's also one reason corporate IT managers don't do anything about security. If they did and the company gets hacked, then it's their fault. But if security has been outsourced to someone else, then it's somebody else's problem.

    (Another being that IT is always listed as an expense, and competence is a much higher expense in the short term that beancounters are concerned with than incompetence. That it's cheaper in the long term, because the risks are lower, doesn't matter because high expenses now hit profit margins and dent share prices. And as it's a continuous drain, will continue to hit profit margins and share prices. A major scandal that may last a week or two at most, even if it's ten times the size, only dents profit margins and share prices for those couple of weeks.)

    It's why the NHS got stiffed for a fortune over Heartbleed, even though the systems that were compromised should never have been on the public Internet to begin with. It's why there are hydroelectric dams with SCADA gear also on the public Internet. It's why almost the entire corporate IT sector is a mess, with a few exceptions. And it is only a few. Doing things right is rare, but doing things wrong is cheap and if the dice keep rolling in your favour until you're promoted, you get a nice bonus for doing a crappy job that costs the bosses less and you don't have to worry about the next guy complaining because the bosses will argue that the last guy (who they now play golf with) did the same job (as far as they're concerned) for less.

    Because this is the standard mode of operation pretty much everywhere, if Ozzy wanted to hire someone then these are the sort of people who would be applying. The sort of people with the most experience, because good guys don't last in a toxic envir

    • that only happens when it's the lawmakers themselves who get fleeced. And I doubt many are Ozzy fans.

      Really, why not? Right age, largely.

      While I think it's insane to trust money to an Ozzy tweet, I do have to say I'm impressed by his ability to stay relevant. He rode the reality TV wave when it was a wave, and now he's riding the NFT wave apparently. Is there anything the man can't do?? ;)

      • by jd ( 1658 )

        I'll agree that Ozzy is staying relevant, which is definitely impressive.

  • Something associated with an NFT was a scam? Will wonders never cease.
  • your money went into the void, you are not a master of reality

    Rocket engines burning fuel so fast Up into the night sky they blast Through the universe the engines whine Could it be the end of man and time? Back on earth the flame of life burns low Everywhere is misery and woe Pollution kills the air, the land and sea Man prepares to meet his destiny, yeah

    https://www.youtube.com/watch?... [youtube.com]

  • by Anonymous Coward
    So, a bunch of money laundering crypto criminals got suckered into the NFT fraudsters' game but ultimately got suckered by crypto wallet phishers? Trying to find some sympathy... nope, got nothing.
  • by cascadingstylesheet ( 140919 ) on Friday January 21, 2022 @10:18PM (#62196293) Journal

    I mean, if you can't trust vast amounts of imaginary money to an Ozzy Osbourne tweet, what can you trust it to?!?

    What is this world coming to??

  • I am shocked ! Shocked I say..
  • So let me get this right, if you replace Discord with a physical house, it goes like this:

    They had a house they got mail at.
    They moved houses.
    They started getting mail at the new house.
    They had old posts still referencing the old house's address.
    They didn't set up mail forwarding from the old address.
    Someone moved into the old house and kept the mail, doing bad things with it.

    Sounds less like hacking and more like bad, chaotic business practices just asking for trouble.
