Cyber Incident Victim: DeeKay Kwon

On or around July 14, 2022, attackers compromised the Twitter account of NFT artist and animator DeeKay Kwon, who had approximately 180,000 followers at the time. The hackers posted a fraudulent tweet promoting a fake "LetsWalk Collection Airdrop," falsely advertising an exclusive NFT release limited to 1,000 claimants. The tweet contained a link directing users to a counterfeit version of Kwon’s legitimate website. Followers who clicked the link were prompted to approve transactions that subsequently enabled the theft of NFTs from their digital wallets. The attack resulted in confirmed losses totaling $150,000 worth of NFTs across multiple victims. One identified victim, a self-described former Coinbase engineer, publicly disclosed the theft of seven NFTs from his wallet.

DeeKay Kwon addressed the incident through a series of tweets explaining the breach. He stated that while two-factor authentication (2FA) was typically enabled on his social media accounts, he suspected it might have been inactive during the intrusion window. The artist did not specify the exact method of initial account compromise but confirmed the attacker’s malicious link facilitated wallet drainer transactions. No technical details about the counterfeit website’s infrastructure or transaction approval mechanisms were disclosed. The incident exclusively impacted users who interacted with the fraudulent link, with no evidence suggesting broader system compromises beyond the Twitter account hijacking and subsequent NFT thefts. Kwon expressed no formal recovery efforts for stolen assets but commented on hoping for karmic consequences for the attacker.