Diablo/Josh purchased a $10k watch with stolen funds from Moonlanderz, EZU, NounsDAO, Flurs Pass, Shadow XYZ phishing attacks. Diablo works under HZ/Chase and Chards primarily by cold messaging potential victims.

Nounsdao Twitter ATO. nounsdao[.]me uses OpenSea API key eeae1d7d4423433ab5e103905ee7cf06 and Discord webhook for real-time alerts: 990824028862300170/poOSMnjGh2G-0N209Dzsi__Oc1AGgxl8GOw_Wl0wiEEMqe7S2AWPF22GBmLJgM2plnTf nounsdao[.]wtf on the other hand uses websocket, similar to the attack against Parallel NFT

Nouns DAO Twitter account compromised on June 28th 2022. Attacker posted Tweets with links to two phishing websites. Likely same group as Parallel and Nansen.