Home

/
/
How Bored Ape Yacht Club (BAYC) Hackers Made Away with $13 Million of NFTs in a Phishing Attack

How Bored Ape Yacht Club (BAYC) Hackers Made Away with $13 Million of NFTs in a Phishing Attack

Hackers have stolen Bored Ape Yacht Club (BAYC) NFTs worth $13 million and millions of ERC-20 tokens in a phishing attack on April 25.
Dalmas

April 26, 2022

Introduction​

In yet another blow to NFT holders, roughly $13 million worth of Bored Ape Yacht Club (BAYC) NFTs and millions of ERC-20 tokens have been stolen after the minter’s official Instagram account was hacked on April 25, 2022.

The attacker(s) took over the official BAYC Instagram account. They then posted a fraudulent “mint” link to followers, directing them to a cloned website with a fake airdrop. NFT holders were then asked to approve transactions, immediately transferring valuable assets in the phishing attack.

It is estimated that 24 Bored, 30 Mutant Apes, and several million dollars of ERC-20 tokens might have been stolen.

Fake Phishing BAYC NFTs

This is higher than initial estimates.

From their official Twitter account, BAYC confirmed the hack:

This morning, the official BAYC Instagram account was hacked. The hacker posted a fraudulent link to a copycat of the BAYC website with a fake Airdrop, where users were prompted to sign a ‘safeTransferFrom’ transaction. This transferred their assets to the scammer’s wallet.

According to observers, the “hack” seemed to be well-timed. This week, BAYC was to announce a land sale in the upcoming “OutsideMeta”. Therefore, the hacker took advantage of the hype ahead of the sale. From there, it leveraged the official Instagram account in a phishing attack that came as a sucker punch to impacted BAYC holders. Apparently, victims acted fast without “thinking” so as not to miss out on what will be valuable BAYC Land.

However, BAYC’s official communique is done first, through Twitter. Afterward, the same is dispersed in other social media channels like Discord. BAYC confirmed that it never conveys crucial information via Instagram.

Don’t Ape

The hack is a major blow to the NFT ecosystem. It further questions the community preparedness and the validity of “official” or verified communications. The failure of crypto users has once again caused them to bear huge losses. They have subsequently lost control of scarce and immensely valuable NFTs.

A user on Reddit is urging users to be critical before aping in lest they risk losing their valuable assets:

So, consider this a friendly reminder to all of you NFTers, Bitcoiners, and shitcoiners to use those critical thinking skills before sharing anything with anybody online. Just because an “official” social media entity blasts something out doesn’t necessarily make it so.

According to trackers, hackers have begun moving stolen apes to other wallets when writing. Despite being marked, these NFTs would likely be sold to unsuspecting fans in different markets at a lower price.

Image Source

Introduction

Dalmas

Dalmas is an active cryptocurrency content creator and highly regarded technical analyst. He’s passionate about blockchain technology and the futuristic potential of cryptocurrencies.

Get the day’s top crypto news and insights delivered to your inbox every evening.

Subscribe to Blockworks’ free newsletter now.

More articles

SEE ALL

Aave DAO, the governance body of the Aave Protocol, have voted…
Bitcoin prices are moving higher following the U.S. FED decision to…
Kraken will likely get a fine from the U.S. Treasury Department…
Bit.com, a full suite cryptocurrency exchange, announced the release of USD…