Canadian phishing scammer, Chards, has been linked to a series of NFT thefts and crypto phishing scams through their ENS address.
ZachXBT, a Twitter detective, researched a Discord user, madman#9528, who became active a few weeks ago, showing off their Bored Ape. Notably, attached were their ENS address, madman.eth, and BAYC 7941 and 6716. However, the ENS raised a lot of questions.
In September 2022, madman.eth’s address was accidentally linked to a phishing attack involving stolen NFTs. There were 19 NFTs stolen for 115 ETH, and one of them was the BAYC 4651. In this instance, ZachXBT recovered 33.5 ETH for an affected user.
He linked the same person to a payment to a scammer, serpentau.eth (Lock) was found to be connected with the Azuki, Chimpers, AKCB, and Mutant Hounds Twitter hacks.
There was also a 17,500 USDC transfer that traces to Horror (HZ), also called Chase Senecal, that recently has assets swept by the FBI in suspected phishing scams. During that time, the FBI was able to get back some crypto, BAYC 9658, Doodle 3114, and AP watch.
Even more interesting was that madman.eth purchased a $13,500 Rolex watch from the same seller that sold to HZ and Diablo. Diablo is also a phishing scammer working with other scammers like HZ, Chards, or Two1 in messaging potential victims, whereby he gets a small cut from the stolen funds.
Source: https://crypto.news/phishing-scammer-linked-to-nft-thefts-including-bayc/