Hackers stole $13.7 million in ‘Bored Ape’ NFTs
Just last week, a MetaMask user of crypto wallet Metamask lost $650,000 worth of non-fungible tokens (NFTs) in a phishing attack. The breach led MetaMask to ask Apple users to disable automatic iCloud backups for their wallets.
Today, the Bored Ape Yacht Club (BAYC) NFT project became the latest in a series of NFT cyberattacks. According to a report from CoinDesk, hackers stole 54 NFTs estimated to be worth $13.7 million after BAYC’s Instagram account and Discord server were both hacked on Monday.
Hackers then advertised a fake distribution of NFTs known as an ‘airdrop’ – which tricked users into clicking a malicious link that gave control over their wallets to the hackers. In a post on Twitter, the BAYC NFT project said:
“There is no mint going on today. It looks like BAYC Instagram was hacked. Do not mint anything, click links or link your wallet to anything.”
🚨There is no mint going on today. It looks like BAYC Instagram was hacked. Do not mint anything, click links, or link your wallet to anything.
— Bored Ape Yacht Club (@BoredApeYC) April 25, 2022
In a statement, a BAYC spokesperson told CoinDesk via email, “The hacker posted a fraudulent link to a copycat of the Bored Ape Yacht Club website, where a safe transfer from attack asked users to connect their MetaMask to the scammer’s wallet in order to participate in a fake Airdrop.”
The spokesperson also added that a “Rough estimated losses due to the scam are 4 Bored Apes, 6 Mutant Apes, and 3 BAKC, as well as assorted other NFTs estimated at a total value of ~$3m. We are actively working to establish contact with affected users.”
Damn the BAYC Instagram hacker stole 4 BAYC, 7 MAYC, 3 BAKC, 1 CloneX, & more ( 91 NFTs in total)
— zachxbt (@zachxbt) April 25, 2022
“At 9:53 am ET, we alerted our community, removed all links to Instagram from our platforms, and attempted to recover the hacked Instagram account,” the spokesperson explained. Meanwhile, Yuga Labs, the creator of the Bored Ape Yacht Club, and Instagram are still investigating how the account was compromised, the spokesperson said.
We covered Yuga Labs last month after the NFT startup closed $450 million in Seed funding to build an NFT metaverse. The round was led by a16z crypto, with participation from top-tier game studios like Animoca Brands and its subsidiary The Sandbox, strategic partners like LionTree, Sound Ventures, and Thrive Capital, and crypto leaders like FTX and MoonPay, and other partners and collaborators.