According to Webaverse reports, last year, for several weeks, Webaverse was the target of a skilled scammer group posing as investors.
The Webaverse team and the con artists met in Rome at the end of November 2022, where about $4 million in scam proceeds were stolen. They reported the theft the same day to a local Rome police department, then, a few days later, with an IC3 form, to the FBI.
Scammer persuaded Webaverse to send money to new wallet
Although they aren’t entirely sure how it transpired technically, they believe that the scammers persuaded them to transfer money into a new wallet created and maintained to show ‘proof of funds.’
According to reports, they hired a reputable investigations company after the incident to organize a third-party assessment of the circumstances. To prevent the inquiry from being harmed, they decided against making this public.
However, they wanted to handle it professionally; therefore, they took necessary precautions to ensure that only some involved in the incident knew the specifics of the investigation. They have notified all significant parties, including their investors, the executive team, and particular neighborhood residents.
According to the intermediate report from the ongoing investigations, they can still not accurately determine the attack vector. The investigators thoroughly examined the material and interviewed the relevant parties in-depth, but more technical data is required before they can confidently draw judgments.
More information expected from Trust Wallet
To establish a technical conclusion, Trust Wallet is required by Webaverse to specifically provide more information on the activity on the wallet that was depleted while also aggressively pursuing individuals for their records.
@wassielawyer verified that this organization had contacted another group of clients separately in early 2022. via matching signatures in documents signed by the scammers with his other clients and Webaverse.
While this was going on, evidence gathered by investigators through scraping information in the signed documents points to the possibility that the same group is also focusing on other initiatives.
The detectives alerted all exchanges if the attackers tried to use fraudulent KYC documents to exit the network. The cash was divided into six transactions and distributed to six new addresses, none of which had previously received any payments.
After that, all the USDC was changed into ETH, BTC, and USDT using 1inch swap addresses and disseminated across a more extensive set of 14 addresses (inclusive of those mentioned above six). They then transferred to four new addresses from these 14 addresses.