Department of Justice (DOJ) has charged Moroccan national Soufiane Oulahyane, 25, with being involved in the stealing of non-fungible tokens (NFTs) and cryptocurrency valued at around $450,000.
Oulahyane is charged with creating a fake version of the well-known marketplace OpenSea and tricking users into revealing their private crypto wallet keys.
In accordance with the DOJ’s statement, Oulahyane purchased advertisements in order to ensure that his fake OpenSea website would appear as the top result on search engines when people searched for “OpenSea.”
Following that, he convinced them to enter their wallet keys, unknowingly granting him access to their cryptocurrency.
U.S. District Attorney for the Southern District of New York, Damian Williams, described the offense as “spoofing,” an old criminal tactic adapted for the crypto industry.
Oulahyane is presently in custody in Morocco on foreign charges; however, he has been indicted by the United States Attorney for the Southern District of New York, Damian Williams, as well as the Acting Assistant Director in Charge of the New York Field Office of the Federal Bureau of Investigation (FBI), Christie M. Curtis.
U.S. Attorney Damian Williams stated, “As alleged, Soufiane Oulahyane applied a prevalent cybercrime technique to steal cryptocurrency and NFTs from victims. Spoofing is one of the oldest practices in the criminal playbook.
The allegations made public today should serve as a reminder that cybercriminals can target digital assets like cryptocurrencies and NFTs and that my Office is committed to prosecuting these criminals domestically and internationally.
Acting Assistant Director in Charge Christie M. Curtis pointed out the FBI’s commitment to holding individuals accountable for malicious cyberattacks against US interests, regardless of their location.
Four charges have been brought against Oulahyane: wire fraud, using an unlawful access device, aggravated identity theft, and carrying out transactions with an access device to get property with a value equal to or greater than $1,000.
He might be subject to a prolonged prison sentence if proven guilty.
Oulahyane’s Spoofing Technique for Stealing $450,000
In 2021, Oulahyane’s alleged exploit purportedly contributed to the attack of $450,000 worth of NFTs and cryptocurrencies from a Manhattan-based victim.
The allegations against Oulahyane come from an incident in September 2021 in which the victim unintentionally went into Oulahyane’s faked version of the OpenSea login page, believing it to be the genuine website.
As a result, the victim accidentally gave Oulahyane access to his or her cryptocurrency wallet’s seed phrase.
Oulahyane promptly moved the victim’s crypto to a different wallet and sold 39 of the victim’s NFTs on the OpenSea marketplace, redirecting the stolen funds.
Among the illegally obtained NFTs sold were pieces from the Bored Ape Yacht Club series, namely one purchased by the victim for about 49 ETH.
Oulahyane also sold three more NFTs: a Meebit NFT for 9.88 ETH, a Bored Ape Kennel Club NFT for 6 ETH, and a CryptoDad series NFT for 1.789 ETH.
The judicial proceedings against Oulahyane illustrate the growing necessity for vigilance in the crypto world, as well as the efforts of law enforcement agencies to hold hackers accountable for their acts.
Discussion about this post