• Webaverse, a metaverse game engine, was hacked for $4 million in crypto when they met with two people posing as investors.
• The co-founder of Webaverse was asked to show proof of funds using a newly set up Trust Wallet and the thieves were somehow able to gain access while taking a photo of the wallet’s balance.
• The hack occurred during an in-person meeting with “Mr. Safra” and his “banker” in Rome, where the co-founder agreed to show the project’s “proof of funds”.
Webaverse Hacked for $4 Million in Crypto
The co-founder of Web3 metaverse game engine „Webaverse“ revealed that they were victims of a $4 million crypto hack after meeting with scammers posing as investors in a hotel lobby in Rome. The strange part is that the crypto was stolen from a recently created Trust Wallet and it happened during the meeting at some point.
Trust Wallet Setup
The hackers were unable to see the private key nor was he connected to public WiFi network at that time. Ahad Shams, co-founder of Webaverse stated that he had been contacted by an investor named „Mr Safra“ who requested for KYC (Know Your Customer) and stipulated that they have an IRL (In Real Life) meeting before investing. Despite being skeptical, Shams agreed to meet him and his „banker“ which ultimately led to their money being stolen from their Trust Wallet account.
Proof Of Funds
Shams explained that they created a fresh Trust Wallet account at home on a device not commonly used so that without having any private keys or seed phrases, their funds would be safe anyway. During their meeting, Shams transferred 4m USDC into this new Trust Wallet app which then prompted Mr Safra to take out his phone and ‚take some pictures‘.
Investor Suspicious
As soon as Shams returned home he noticed something suspicious on his wallet balance which made him realize what had just happened – someone had taken all 4m USDC from them! After noticing this, Shams immediately froze all transactions related to his wallet but unfortunately the damage had already been done!
Takeaways
It goes without saying that if you’re dealing with someone who claims to be an investor or doing business online always be sure you’re dealing with someone legitimate before going ahead with any deals – no matter how enticing it may seem! Also, if you’re ever asked for proof of funds make sure you use secure methods like setting up accounts on devices not commonly used or connecting via private networks rather than public ones!