Thread by Bharat Krymo
- Jul 24, 2022
- #PersonalDevelopment #Cryptocurrency
Thread
1/ "What doesn't kill you makes you stronger!" -Kelly Clarkson. Ok it wasn't Kelly, but Nietzsche. This is the story of multi-tasking stupidity leading to a hack. Lesson here...be vigilant in all things crypto related.
2/ I was in the middle of some IRL work stuff when a Twitter message from a fren popped up about Oddity nesting. On the surface it made sense, so I followed the message to what I thought was @JustinMezzell's account tweet...it was very similar with 20K+ followers.
3/ This is where I failed "social engineering 101". I usually check the authenticity of the account and then go to the official website, but I didn't and that was mistake #1. Went to my non-social media system with my hot wallet and went to odditiesburrow (the spurious site).
4/ Here I committed cardinal sin #2, I connected my wallet and not only approved a transaction...I approved several of them. Till my brain finally clicked in and said 'idiot' WTF are you doing? Something is off here.
5/ By then I was watching in amazement as one by one items were being transferred out of my hot wallet. I quickly disconnected odditiesburrow from MM. Went to revoke.cash and kinda froze. My mind was wandering between transferring assets out and revoking perms.
6/ This is when I pinged my friend and one of the smartest technologists in web3 @0xfoobar to seek his advice. When the shit's hitting the fan...your brain kinda does the 'squirrel', so he was a calming influence giving me some checks to do and suggestions.
7/ First transferred out some of the higher value stuff to my vault and then followed foobar's advice to revoke all perms for the hacker wallet. I should've and could've been faster at this than I was, but I chalk it down to kinda like an accident unfolding in real time.
8/ You gawk in amazement. The hacker was doing this one transaction at a time...if they had scripted it, I could've had the entire wallet wiped.
9/ The hacker ended up with 12 oddities (some grails), 22 rune warriors, 35 rekt guys (couple of grails), 2 chimpers, a Gmoney admit one pass, a goblin (mcdonalds take your order special) and my pride.
10/ The hackers got a lot of stuff, but they didn't get my dickbutts. Shows you hackers don't get culture. They'll always be on the outside looking in.
11/ I'm fortunate that I have a multi-wallet setup with a vault & hot wallet for NFTs. If this was my vault wallet, could've been a disaster. This clearly outlines the need for a tertiary wallet for minting etc. Also, don't be lazy, your hot wallet bloats in time...hygiene!!!
12/ Hope this helps some of y'all avoid this. It could've been orders of magnitude worse. I got lucky, but need to be extra vigilant. Never forget that self custody means you need to build your own Fort Knox. Don't be lazy, triple check and avoid multi-tasking.
13/ Really and truly appreciate the outpouring of support from my metaverse fam. All the stuff I have is replaceable, but the relationships forged are not!
Mentions
6529 @punk6529
Jul 24, 2022
Great post mortem