Bored Ape Yacht Club’s (BAYC) official Instagram profile was hacked to promote a fraudulent phishing link to scam millions of dollars worth of non-fungible tokens (NFTs) from victims on Monday.
See related article: Why NFT scams are on the rise — and how to stop them
Fast facts
- OpenSea, the largest NFT marketplace, has banned the address believed to be associated with the exploit, but blockchain records show the suspicious address has interacted with the LooksRare marketplace.
- The hacked account posted on Instagram a promotion of a fake airdrop, where users were prompted to sign a “safeTransferFrom” transaction that transferred their assets to the hacker’s wallet, according to the BAYC.
- Estimates on the value of heist vary, but according to BAYC cofounder Garga.eth, four Bored Apes, six Mutant Apes, and three Kennels NFTs have been lost.
- According to a report by on-chain detective zachxbt, hackers used several addresses to store the stolen assets.
- NFT accounts on Discord and Twitter, including the official BAYC Discord channel, were hacked earlier this month to perpetrate similar BAYC giveaway scams.
- NFTs were a top target among cybercriminals in the first quarter of 2022 with 20 hacks and nearly US$49 million in losses, according to a report from Atlas VPN
See related article: $10M in NFT money laundering, fraud likely to grow in 2022: report
