Skip to content

MicroStrategy and RiskOnBlast Incidents Underscore Ongoing Crypto Risks

With substantial losses incurred due to a recent SIM swap attack and rug-pull, the importance of adopting secure practices and conducting thorough due diligence is as relevant as ever.

As cryptocurrency prices continue to surge, the frequency of rug pulls, scams, and hacking incidents also rises. This underscores the critical need for users to stay informed and vigilant against the risk of losing their digital assets. Recent events involving MicroStrategy and 'RiskOnBlast' highlight the ease with which one can lose substantial sums of money if basic security rules are not followed, especially in the pursuit of quick profits.

MicroStrategy, one of the top corporate holders of Bitcoin, fell victim to a SIM swap attack earlier today. Hackers were able to gain control of the project’s X account and publish malicious phishing scam links on the company’s feed. 

Victims were lured to a fraudulent MicroStrategy webpage, where they were prompted to connect their wallets to a drainer contract. After granting several permissions in their Web3 wallets, it became possible for the attackers to siphon off the tokens from the users’ wallets.

As a result of this scam, at least one user lost $424,786 in $wBAI, $wPOKT, and $CHEX, according to ScamSniffer. The drainer wallet currently contains $322k in stolen cryptocurrency.

This incident underscores the importance of adopting secure practices in the crypto space. To protect against phishing and token-draining schemes, it is advisable to use two types of wallet: a hot wallet for regular transactions and a separate cold wallet for storing larger sums. The cold wallet, ideally a hardware wallet, should not interact with smart contracts. Instead, utilize a hot wallet for interacting with these. Essentially, a hot wallet should only contain funds you can afford to lose.

Another incident over the weekend involved 'RiskOnBlast', a project on the Blast layer 2 network that presented itself as a gambling and exchange platform. After raising over $1 million from investors, the team, which remained anonymous, has deleted all the project’s social media accounts and disappeared. 

The endorsement of 'RiskOnBlast' by Blast’s official account, which described its potential as 'undeniable', may have misled users into believing it was a safe investment. However, it has subsequently been revealed that the Blast team lacked the means to conduct sufficient due diligence on the project. 

The incident has drawn criticism for this lack of due diligence and hasty investments in projects with no proven track record, often promoted by influencers and funds eager to capitalize on the Blast ecosystem.

On-chain researcher @somaxbt reported that the stolen funds were traced back to over 750 wallets, with significant amounts transferred to various services and exchanges. 

The frequent occurrence of rug pulls and scams on blockchain platforms serves as a reminder that the crypto world is fraught with risks, even for projects that seemingly come with trusted endorsements. A key takeaway should be to exercise caution, particularly with unknown accounts or anonymous teams, and to invest only what you can afford to lose.