Hackers steal $1 million worth Bored Ape Yacht Club NFTs with Instagram hack
The Instagram account belonging to Bored Ape Yacht Club (BAYC) non-fungible-token (NFT) collection was hacked on Monday. A phishing link was sent out to users and designed to steal NFTs. According to Gizmodo, three million dollars worth of crypto was stolen from the victims.
“Rough estimated losses due to the scam are 4 Bored Apes, 6 Mutant Apes, and 3 BAKC [Bored Ape Kennel Club], as well as assorted other NFTs estimated at a total value of $3m,” a BAYC spokesperson told Gizmodo.
The hacker after compromising the Instagram account posted a fake airdrop link to the upcoming company’s new project Otherside metaverse, which is due to launch later this week. A crypto airdrop is predominantly about raising awareness for new projects or services. The idea is to send tokens or NFTs to thousands of crypto addresses in hope that more and more recipients engage and promote the corresponding project. To receive an airdrop, users are required to connect their crypto wallet where their NFTs are stored.
However, when users did so, the scam site stole the digital assets out of their wallets and transferred them to the hacker’s wallet. In a tweet, BAYC said: “This morning, the official BAYC Instagram account was hacked. The hacker posted a fraudulent link to a copycat of the BAYC website with a fake Airdrop, where users were prompted to sign a ‘safe transfer from’ transaction. This transferred their assets to the scammer’s wallet.”
Upon discovering the hack, the BAYC team removed the fake links on the compromised Instagram account. “We will also never announce mints on the BAYC or Otherside Instagram accounts first, ever. Only obtain information from our official Twitter accounts,” BAYC noted in a tweet.
As of now, It’s not at all clear how the hacker managed to get inside the BAYC Instagram account. The ape avatar platform claims that the “hack occurred even when two-factor-authentication was enabled on the account,” tweeted Gargamel, one of Yuga Labs’ founders. “The security practices surrounding the IG account were tight on Yuga’s end. Nothing important will ever get posted on Instagram again.”
Blockchain investigator, that goes the username @zachxbt on Twitter dug into the wall hacker’s wallet address and found that 4 Bored Apes, 7 Mutant Apes, and 3 Bored Ape Kennel Club NFTs were among the highly-valued NFTs stolen. BAYC NFT is owned celebrities, such as basketball icon Steph Curry, music art Post Malone, and even American TV host Jimmy Fallon.
BAYC NFT scams have become quite prevalent. Last month, a bored ape holder that goes the name ‘s27’ lost bubble gum ape and matching mutants worth $567k after swapping their NFTs at an exchange named “Swap. Kiwi”. This platform allows for direct NFT swaps between collectors, at reduced transaction fees.
In other news, Yuga Labs, creators behind the popular ape avatar collection announced stepping into the world of the metaverse. This company’s metaverse project is named Otherside, which intends to connect its massively multiplayer role-playing game into the broader NFT universe.