Mike Winkelmann at his exhibition, "Beeple: Uncertain Future." Photo: Katya Kazakina.

A phishing scam targeting the Twitter account of the popular digital artist Beeple made off with over $400,000 in cryptocurrency and NFTs yesterday.

According to on-chain analysis of the scam, hackers were able to gain access to Beeple’s Twitter account for approximately five hours, tweeting out two separate links to a malicious website that would, in turn, drain victims’ MetaMask wallets of Ethereum and high-value NFTs such as Mutant Ape Yacht Club, VeeFriends and Otherdeeds, among others. 

The attack, which promoted a raffle for a collaboration with Louis Vuitton (a plausible claim given the artist’s work with the brand in 2019), began with “Beeple” tweeting to his 673,000 followers: “Been working on this with LV for a long time behind the scenes. 1000 total unique pieces […] Official Raffle Below. 1 ETH = 1 Raffle Entry. All non-winning entries are refunded post raffle. Good luck :).”

Soon after, despite it being flagged and reported as suspicious by a vigilant MetaMask security employee, attackers made off with hundreds of thousands of dollars in digital assets that they then funneled into a crypto mixer in an attempt to launder it. 

The first tweet netted the attackers around 36 Ether (roughly $73,000 USD), while the second, much more profitable, attack, saw around $365,000 in NFTs and crypto exchange hands. 

Later on Sunday, Beeple tweeted that he had regained control over his account, warning his followers to be vigilant and mindful of similar scams. “Anything too good to be true IS A F*CKING SCAM,” he wrote. “And as a side note, there will never be a SURPRISE MINT I mention one time in one place starting at 6am Sunday morning.”

This isn’t the first time scammers have targeted the high-profile artist, known most recently for his collaboration with Madonna. The NFT creator’s discord was hacked in November, an attack that then led to the loss of around 38 ETH (approximately $76,000 by today’s metrics). 

What’s more, phishing scams are becoming increasingly prevalent across the entire spectrum of the NFT space, with a recent Yuga Labs drop netting attackers over $6 million in ill-gotten gains. 

In January, hackers also stole NFTs valued at $2.2 million from New York art collector Todd Kramer. No less than a month later, the world’s largest NFT marketplace, OpenSea, witnessed defrauders pilfer $1.7 million worth of NFTs in another phishing scam.