First time getting my wallet drained and what did I learn?

How did it happen?! It's time for a change!

The experience of being hacked on Warpcast taught me valuable lessons about online security and vigilance. In a moment of excitement, I replied to an unread message, believing it was an appreciation for my community contributions. As a freelancer striving to improve my skills through a costly creative art designing program, I saw no harm in engaging with the sender. Little did I know, this seemingly innocent interaction would lead to unexpected consequences and a crucial learning experience.

How It All Began?

It started with an unread message in my Direct Cast (Private Message). Thinking that my contribution to the community had been appreciated, and being a nice guy, I politely replied to the sender, thinking there was no harm in saying hi and chatting with him to understand what the opportunity was about. As a freelancer without a steady income who had recently just spent quite a large sum of money to sign up for a 3-month-long creative art designing program over the weekend to enhance my skills so that I can provide a better life for the family, what have I got to lose by replying to the message, right?

The Original Message that cost me everything that I've worked so hard for the past few months

So when I started to chat with him, I was quite sceptical at first, as I still remembered Ashira’s, Ryan’s and Windy’s cases, so I did take extra precautions to search further through the Link3 URL he sent me.

First I checked his Warpcast account, FID 541901 with 234 followers. It seemed like a not-so-new account, and it didn’t cross my mind to discriminate between those who have or don’t have a Power Badge, but what lowered my guard was when I saw he was also followed by some friends that I know, like Fookinnowan (FID 206570), Mikki (FID 307820) and DappyKit (FID 354669), who are way more senior than me, so I thought it should be OK for me to chat with him.

Scammer's Warpcast Profile

Then I asked him about it, since he introduced himself as Sam but I didn’t see the name in the team listed for the Dexisapp project. He answered that he is using a different name for the X account, which is understandable, as I also use different X accounts for Bleu and my personal X account that I have hardly used since I registered the account last year. To be honest, Warpcast is the ONLY social media that I use on a regular basis, as it is the ONLY ONE that brings food to the table.

Added him on X

I even went further to check on the company Dexisapp, which is an IT company incorporated in 2022, and the owner is a Ukrainian named Lazarev Oleg, who I thought could be a refugee who fled to the UK after the Ukraine-Russia war, so I didn’t really bother much about who the owner is. I used https://whois.com/whois to check the company, worrying that it could be a phishing site that looks like the UK government site, but later found that it is a legitimate UK Government site, https://find-and-update.company-information.service.gov.uk/company/14252701/. So, thinking they can’t possibly have hacked the UK government site to make up the company registration details, right, I proceeded to the final stage of the hack before it happened.

His X account

His X profile with a blue tick
Conversation with him on X just to make sure

So here I was, thinking that everything was fine so far, and I just followed his message to register on the website using another email which is not the same as the one I created for my Warpcast wallet. And just to make sure I didn’t download a virus/trojan, I even used both https://virustotal.com/gui/home/upload and Microsoft antivirus to scan the downloaded file before I double-clicked on it. I even have the Pocket Universe extension installed on my Chrome, so I thought I was quite well protected.

Instruction to just register without linking any wallet
Feedback to him and thought it's my fault for the slow internet speed

Pocket Universe Was Turned On yet...
Scan with Microsoft's Antivirus and no virus was found.
I used a different email which I haven't used to create any wallet before.

Out of courtesy, I even told him that they should optimise the website, as it took me very long to load the page, and I thought it might be my internet speed that was causing the delay, without realising something fishy was happening, despite the fact that he asked me to update my C++ driver (the error message when I double-clicked the downloaded file), until I suddenly saw a Zerion logo appear on my phone screen, which usually notifies me if there’s a transaction being done.

Without connecting to wallet I clicked on the Download App button
This is the culprit, despite being scanned with 2 antiviruses

So the first thing that came to my mind was to use revoke.cash, and I quickly went to the site, but surprisingly I didn’t see anything at all for me to revoke! I asked my amigo Agusti what I should do, and he advised me to disconnect from the internet and salvage whatever I can.

No recent transactions for me to revoke on revoke.cash!

I am so shocked that such a thing can happen: without any authorisation or transaction-signing message popping up in my browser, the wallet just got drained. I am not a person who likes to give up easily, so I searched the internet for what I could have done wrong despite being careful with the DYOR. I found this article, which wrote that by just knowing your wallet address the scammer can drain your wallet, so I am thinking: could it be that I have been a target for being too vocal about casting and quotecasting those scammers and hacking news over the past few days?

It’s not hard to know a person’s wallet address by using onchain analysis tools, and luckily I managed to track down the wallet address of the scammer @huv (FID 541901). I hope that, if I can’t recover the money, at least someone can track him down and freeze his account (0xC67BA349f1E5E2C55843a7273875b9282A9bcD2B) so that he can’t use any of the money he has stolen from me (and/or others), and banish him and his colleagues from Warpcast and X for good so that they can't cause any more harm to people.

My assets had been transferred to the same address
His wallet address is 0xC67BA349f1E5E2C55843a7273875b9282A9bcD2B and my loss was more than $1k

In summary, what I've learned is that even when you are being careful and not feeling sleepy when doing any transactions, you can still fall into the trap of scammers, and maybe it is time for us to change how we give away our wallet address for lucky draws or raffles, or even show it publicly, like when we nominate someone on Build, where our wallet address is already exposed.

It's just a matter of time before people lose trust in any platform due to these bad actors. I know I might be nobody, but the least I can do is share this painful experience so that it can perhaps reach the right person to make some changes to how we handle our wallet addresses or messages from unknown strangers who are followed by some people we trust.
