A Moroccan man is facing charges in connection with a sophisticated scheme to steal nearly $500,000 worth of cryptocurrency and non-fungible tokens (NFT) from a victim in the US. Soufiane Oulahyane, 25, is accused of running a phishing website that impersonated the popular NFT marketplace OpenSea, tricking victims into revealing their login information.
According to the Department of Justice (DoJ), Oulahyane used paid advertising to boost his phishing site’s visibility in search results for “OpenSea” in September 2021. Victims unknowingly visited the fake website and entered their login details, which were then sent directly to Oulahyane. One victim from Manhattan fell into this trap on September 26, 2021, disclosing their crypto wallet seed phrase to Oulahyane.
With the victim’s seed phrase in hand, Oulahyane allegedly gained unauthorized access to their cryptocurrency wallet, transferring funds to his own wallet and selling numerous NFTs on OpenSea. The total amount stolen by Oulahyane is said to be $448,923.
The charges against Oulahyane include wire fraud, use of an unauthorized access device, affecting transactions with an access device valued at $1000 or more, and aggravated identity theft. If convicted, he could face up to 47 years in prison.
In a separate incident reported earlier this year, an unidentified threat actor targeted OpenSea customers with phishing emails, resulting in over $2 million in Ethereum being stolen through the sale of NFTs. These phishing emails coincided with an OpenSea article discussing an upcoming contract upgrade.
While the perpetrator behind this phishing campaign remains unknown, Oulahyane is currently detained in Morocco on unrelated charges, according to the DoJ. The case highlights the growing threat of cybercrime in the cryptocurrency and NFT space, underscoring the importance of vigilance and cybersecurity measures for both individuals and businesses operating in this sector.