Bored Ape Yacht Club’s (BAYC) official Instagram profile was hacked to promote a fraudulent phishing link to scam millions of dollars worth of non-fungible tokens (NFTs) from victims on Monday. 

See related article: Why NFT scams are on the rise — and how to stop them

Fast facts

  • OpenSea, the largest NFT marketplace, has banned the address believed to be associated with the exploit, but blockchain records show the suspicious address has interacted with the LooksRare marketplace. 
  • The hacked account posted on Instagram a promotion of a fake airdrop, where users were prompted to sign a “safeTransferFrom” transaction that transferred their assets to the hacker’s wallet, according to the BAYC.
  • Estimates on the value of heist vary, but according to BAYC cofounder Garga.eth, four Bored Apes, six Mutant Apes, and three Kennels NFTs have been lost. 
  • According to a report by on-chain detective zachxbt, hackers used several addresses to store the stolen assets.
  • NFT accounts on Discord and Twitter, including the official BAYC Discord channel, were hacked earlier this month to perpetrate similar BAYC giveaway scams.
  • NFTs were a top target among cybercriminals in the first quarter of 2022 with 20 hacks and nearly US$49 million in losses, according to a report from Atlas VPN

See related article: $10M in NFT money laundering, fraud likely to grow in 2022: report