Charlotte Fang, the creative force behind the Milady NFT collection, confirmed a major security breach on Saturday, March 16.
According to Fang, an unknown hacker has illicitly transferred millions of dollars worth of Ether (ETH) and non-fungible tokens (NFTs) from the treasury of Remilia, the decentralized autonomous organization (DAO) responsible for the Milady Maker project.
This security incident first came to light through a post by Dumpster DAO, an X user who shared what appeared to be a distressing message from Fang (also known as Krishna Okhandiar), suggesting that the Remilia treasury had been drained.
Remilia treasury appears to have been drained
Assets from multiple official Remilia wallets have been moved to the address below and are being sold off
0x778Be423ef77A20A4493f846BdbcDDfc30252cE9 pic.twitter.com/AgwmVwWIE4
— Dumpster DAO (@Dumpster_DAO) March 16, 2024
In their detailed account, Dumpster DAO highlighted that the mysterious wallet involved in the incident had not only sold off valuable NFTs but also managed to withdraw approximately $1 million in ETH, moving it to a secondary address.
In response to mounting concerns from the crypto community, particularly from those holding Milady NFTs, Fang took to social media to confirm the breach. Fang elaborated that the hack compromised multiple wallets, advising the community to beware of any suspicious communications.
My system was hacked and it compromised all imported wallets. If you receive an odd message from any of my accounts, treat with caution. Still assessing, technical post-mortem will follow, but primary damage was the Fumo LP and the NFTs we held staked in NFTX, however NFT… https://t.co/K6w1CBTdFb
— ♡ Charlotte Fang 🐉 Crown Prince ❀ LOVE HEALS 💞 (@CharlotteFang77) March 16, 2024
Despite the breach, Fang reassured holders that NFT contract ownerships remain secure and stored on hardware wallets, though the immediate financial impact included various staked NFTs.
You might also like: Hackers breach Binance-incubated platform NFPrompt, token plummets 10%
Blockchain security experts, including those at Peckshield, have started dissecting the event, pinpointing an earlier suspicious transfer that may have initiated this debacle.
It seems there is an earlier ownership transfer of Remilia treasury to the drainer: https://t.co/uwvBCWXJIy https://t.co/kQz7DEWDqA pic.twitter.com/XuYFMct3Dn
— PeckShield Inc. (@peckshield) March 16, 2024
This incident isn’t Milady’s first brush with controversy; earlier in September 2023, Fang disclosed that a developer embezzled $1 million in generated fees, stating that the rogue actor and other individuals involved would face the full wrath of the law.
Tweeting about the alleged embezzlement at the time, Fang said that the developer worked on the Bonkler project. They stated that the theft affected fees generated by Remilia from Bonkler.
Additionally, the developer also reportedly seized codebases and connived with other individuals to attempt to take control of the platform’s social media accounts.
They succeeded in taking control of X accounts MiladyMaker and Remilioniare while locking out RemiliaCorp. The creator asked users to treat the accounts as “compromised” and provided new official X handles.
Read more: SEC charges 17 individuals in $300m crypto Ponzi scheme