NFT content creators fall victim to PDF hack

NFT content creators Gugus and Calad hacked on same day

Watch out for phishing emails - malware can be disguised as a PDF file, as these influencers discovered to their cost.

NFT content creators are now being targeted by a new crypto hack..

Two well-known NFT content creators, Gugus and Calad, posted on the same exact day that they were hacked via a fraudulent email that contains malware that will grant the hacker access to your computer.

Gugus, an NFT content creator with more than 20,000 followers on YouTube, posted a new video on his channel claiming he has been a victim of a hack.

According to the video, Gugus opened an email that’s supposedly from a known NFT game that he’s been very excited to work with. He opened the email and found a PDF file. He tried opening the said file but it didn’t seem to work. Later, he found out that the PDF file was actually an SCR file that contained a virus which gave access to the hacker to Gugus’ three wallets.

Luckily, his Metamask and Phantom wallets are empty but the hacker managed to siphon funds from his Binance account despite having his two-factor authentication activated. Gugu’s disclosed that the funds were supposed to be used for breeding Pegas, which are horses from the NFT game Pegaxy.

On the same day, on the other side of the world, another NFT content creator would reportedly met the same fate. At 9PM GMT+8,  Calad, a NFT streamer with almost 200,000 followers on Facebook,  found out that he also fell victim to a similar hack. He said that his main account that’s not connected to any of his hardware wallets was hacked with the total damage amounting to almost $10,000.

According to Calad, he saw an email from Star Atlas offering him an advertisement deal to promote their project. Since the email mentioned Star Atlas, a hotly anticipated NFT project, he immediately opened it as well as the attached PDF file. Just like in Gugus’ case, Calad tried to  open the file, failed in doing so and later found out that it was an SCR file.

Although Gugu didn’t mention any specific details in his video, the similarity of the hack suffered by both individuals was incredibly high, so one can safely assume it’s the same modus operandum.



Phishing email - do not click!
Don’t be a phish! Click carefully, as thieves want to steal your crypto…


With the NFT train going full-speed, we can expect more hacking attempts from people who want to take advantage of innocent investors.

To our readers: please store all your assets in a cold wallet and be careful with anything you click — meanwhile, here’s a useful guide to keeping your crypto safe