The hacker drained 119.2 ethereum, or about $185,000, from Murray’s wallet just hours after he raised funds in an auction-style bidding war.
The money Murray raised for Chives Charities, a non-profit that supports veteran and first responder families, on Wednesday was stolen on Thursday evening, according to CoinDesk, which first reported the news.
The Lost in Translation actor was auctioning off a Beer with Bill Murray NFT, causing a bidding war. Coinbase user Brant Boersma outbid six challengers to win a meeting with Murray, which would be painted on the canvas and turned into a digital copy.
The funds were stolen despite the actor having a wallet security team from a firm called Project Venkman. Murray’s team told CoinDesk that the attacker sent the stolen funds to a wallet address tied to the crypto exchange Binance and Unionchain.ai and was yet to be identified. It filed a police report and was working with blockchain analysis firm Chainalysis to find the culprit.
The hacker also targeted Murray’s personal collection, worth thousands more, which the actor’s security had better luck protecting. The collectibles – including a Damien Hirst and two Crypto Punks – were shielded by moving them to safehouse wallets, CoinDesk reported.
The hacker also tried to steal 800 NFTs from the Bill Murray 1000 collection in the same wallet. These tokens, the cheapest of which cost around $17,000, were also protected by moving them to a safehouse wallet.
Meanwhile, the runner-up in the auction, Coinbase user Mishap72, stepped in to make up for what was stolen. They sent 120 ethereum – or around $187,500 – to Chive Charities, according to Coindesk.
Vulnerabilities increasingly exploited
The FBI warned last week that cybercriminals were increasingly exploiting vulnerabilities in the smart contracts that govern the decentralized finance (DeFi) platforms.
“Cyber criminals seek to take advantage of investor’s increased interest in cryptocurrencies, as well as the complexity of cross-chain functionality and open source nature of DeFi platforms,” the FBI said in a statement released just days before the Murray heist.
According to Chainalysis, cybercriminals stole $1.3 billion in cryptocurrencies between January and March 2022 alone. Almost 97% were stolen from DeFi platforms, a rise from 72% in 2021 and 30% in 2020, respectively.
DeFi platform Kyber Networks said last week it was hacked for $265,000 after a threat actor exploited a vulnerability in its frontend. In a similar heist, also last week, privacy coin ShadowFi said it lost around $300,000.
More from Cybernews:
Subscribe to our newsletter