After meeting with con artists who pretended to be investors in a hotel lobby in Rome, the co-founder of the Web3 metaverse gaming engine Webaverse stated that the company was the victim of a $4 million crypto heist.

During a meeting with two individuals who pretended to be investors, the co-founder of Webaverse Ahad Shams said they could somehow have his cryptocurrency robbed from his Trust Wallet.

According to Shams, the most peculiar feature of the incident is that the cryptocurrency was taken from a Trust Wallet that had just been set up and that the hack took place at some time during the meeting.

He asserts that the burglars had no way of knowing the private key since he was not linked to a public WiFi network at the time, and they would not have had access to it. Shams thinks that the con artists could access the wallet while he was photographing the contents to record the amount.

Details of the fraud execution

The letter, published on Twitter on Feb. 7, comprises testimonies from Webaverse and Shams. It explains that he met with a guy called “Mr. Safra” on Nov. 26 after many weeks of negotiations regarding the possibility of receiving funds.

a crypto scam stole 4m by just taking a photo of a trust wallet screen, with no seed phrases or any private info on sight

— 0xngmi (aggregatoor arc) (@0xngmi) February 6, 2023

Even though Shams was initially skeptical, he agreed to meet “Mr. Safra” and his “banker” in a hotel lobby in Rome. During this meeting, Shams was supposed to show “Mr. Safra” the proof-of-funds for the project, which he claimed he needed to start the paperwork.

According to Shams, he set up a new account for Trust Wallet at home on a device he didn’t often use. Shams states that he was confident and under the impression that even if he lost the private keys or seed phrases, the funds would still be secure.

Shams clarified that everything was above board since “Mr. Safra” had no access to private keys or seed phrases.

But as “Mr. Safra” left the conference room, ostensibly to confer with his fellow bankers, he vanished without a trace and was never seen again. Then Shams saw the disappearance of the cash.

“We were never able to locate him again. After a few minutes, the money was gone from the wallet.”

Webverse co-founder

Shams documented the theft to a local police station in Rome soon after it occurred. A few days later, he sent an Internet Crime Complaint (IC3) form to the Federal Bureau of Investigation in the United States.

Shams said that he still did not understand how “Mr. Safra” and the rest of his con gang managed to pull off the exploit.

How could they have pulled this off?

The co-founder of Webaverse thinks that the exploit was carried out in a manner that was comparable to an NFT scam narrative that was distributed on July 21, 2021, by NFT entrepreneur Jacob Riglin.

There, Riglin detailed how he had met with prospective business partners in Barcelona, shown that he had adequate cash on his laptop, and then, within 30 to 40 minutes, the funds had been depleted. Riglin said that the meeting had gone well.

Since then, Shams has revealed the Ethereum-based transaction in which his Trust Wallet was compromised. He pointed out that the cash was swiftly “divided into six transactions and transmitted to six different addresses, none of which had any previous activity.”

Using 1 inch’s swap function, the $4 million worth of USDC was transformed nearly completely into ether, wrapped-Bitcoin (wBTC), and tether.