top of page
  • Writer's pictureDavid Manion

Crypto Sleuth ZachXBT Unmasks Scammer Behind The Kumaleon NFT Phishing Attack

ZachXBT, a popular on-chain sleuth, has unmasked the notorious scammer linked to the Kumaleon phishing attack that left 111 NFTs lost. The scammer has also been terrorizing crypto projects and non-fungible token investors within the crypto community.

ZachXBT Unmasks Scammer Behind Kumaleon Phishing Attack

In a February 20 blog post, ZachXBT, a rug pull survivor who turned into an on-chain sleuth, shared a thread showcasing how notorious Canadian-based phishing scammer known as “Chards” has been stealing crypto and non-fungible tokens from crypto investors.

The on-chain detective began tracking the notorious scammer “Chards” a few weeks ago after his account became active in the Bored Ape Discord server and started showcasing his ENS address madman.eth as well as BAYC #7941 & #6716.

After conducting in-depth investigations, ZachXBT has linked the madman.eth domain to phishing attackers that stole more than 115 ETH in NFTs in September 2022. The stolen NFTs included BAYC #4651 and 18 other NFTs.

Moreover, ZachXBT associated the same address to the scammer serpentau.eth, responsible for the recent Azuki, Mutant Hounds, Chimpers, and A Kid Called Beast (AKCB) Twitter compromises.

The crypto detective has also linked the Canadian scammer with the Kumaleon Discord Sever attack that left many crypto investors losing thousands of crypto and NFTs in November. These Scammers are believed to have stolen millions of crypto and NFTs.

Other Phishing NFT Scams In 2023

Since the year’s start, scammers have relentlessly attacked crypto projects and NFT investors. Last month, Kevin Rose, an NFT investor and the founder of Moonbirds NFT collection, fell victim to a scam and lost over $800K in NFTs.

Earlier this year, notorious hackers compromised the Mailchimp account of digital asset incubation studio Yuga Labs. Fortunately, the Bored Ape Yacht Club creator has confirmed that even though an unauthorized user raided its Mailchimp account, no data seemed exported.

Disclaimer: This article is provided for informational purposes only. It is not offered or intended to be used as legal, tax, investment, financial, or other advice.


bottom of page