Moroccan Charged With OpenSea NFT and Crypto Theft

Written by

A Moroccan man has been charged with four counts relating to a scheme to steal nearly half-a-million dollars’ worth of cryptocurrency and non-fungible tokens (NFT) from a US victim.

Soufiane Oulahyane, 25, allegedly operated a phishing website that spoofed NFT marketplace OpenSea in order to access victims’ cryptocurrency wallets and steal their money and NFTs.

Read more on NFT threats: NFT Fraud in the UK Soars 400% in 2021

In around September 2021, Oulahyane used paid advertising to ensure his phishing website appeared first in search results for “OpenSea.” Victims visited the lookalike site as normal, believing they were interacting with the real thing, and entered their logins, only for them to be transmitted direct to Oulahyane, according to the Justice Department (DoJ).

A Manhattan-based victim did exactly this on September 26 2021, entering their crypto wallet seed phrase, which ended up in the hands of Oulahyane.

Almost immediately, he allegedly used that seed phrase to obtain unauthorized access to the victim’s cryptocurrency wallet, transferring funds to another wallet under his control and selling dozens of the victim’s NFTs on the OpenSea marketplace.

In total, he is alleged to have made $448,923 from the stolen crypto and NFTs.

Oulahyane is charged with wire fraud, use of an unauthorized access device, affecting transactions with an access device to receive something of value that is equal to or greater than $1000, and aggravated identity theft. These carry a total maximum combined sentence of 47 years in prison.

In another case reported by Infosecurity in February 2022, an unnamed threat actor sent phishing emails to OpenSea customers, which enabled them to make over $2m in Ethereum after stealing and selling NFTs.

These emails were timed to coincide with an OpenSea article about an upcoming contract upgrade.

It’s unclear who was behind this campaign, but Oulahyane is currently in custody in Morocco on other charges, the DoJ said.

Editorial image credit: Diego Thomazini /

What’s hot on Infosecurity Magazine?