Bored Ape Yacht Club Instagram hacked; NFTs worth $3 mn stolen
Hackers have stolen non-fungible tokens (NFTs) worth nearly $3 million by compromising the official Instagram account of Bored Ape Yacht Club (BAYC).
The BAYC is the all-time favourite NFT collection in the crypto world which has reportedly generated over a billion dollars in sales in 2021.
Cybercriminals used the compromised Instagram account to post a phishing link that transferred tokens out of users’ crypto wallets, reports claimed.
The hack was disclosed on Twitter by BAYC on Monday morning. “There is no mint going on today,” the tweet read. “It looks like BAYC Instagram was hacked.”
BAYC is the original NFT collection created by Yuga Labs last April, and right now each goes for a minimum of $430,000 (145 Ether).
The fraudulent link claimed that users could mint “land” in the upcoming OthersideMeta, a metaverse project, due to launch later this week, which will feature the NFT collection as well as its official currency ApeCoin.
The users who clicked on the mint link have fallen prey to the attack. The wallets of these users have also been compromised as the hackers gained access to their wallets and transferred assets, including NFTs, to different wallets.
It is estimated that around 24 Bored Apes and 30 Mutant Apes have been stolen, according to recent OpenSea transfers. OpenSea transfers are one of the easiest ways to send NFTs to others as well as another different account of oneself.
The value of the 54 NFTs calculated by floor price is $13.7 million, even though Yuga Labs says the scope of the attack is far smaller.
“The hacker posted a fraudulent link to a copycat of the Bored Ape Yacht Club website, where a safeTransferFrom attack asked users to connect their MetaMask to the scammer’s wallet in order to participate in a fake Airdrop,” a spokesperson told CoinDesk via email.
“At 9:53 am ET, we alerted our community, removed all links to Instagram from our platforms and attempted to recover the hacked Instagram account,” it said.
Yuga Labs and Instagram are still investigating how the account was compromised, it said in a statement.
The growth in the NFT market seems to guarantee more incidents of theft and scams Phishing scams are most common in the crypto world because once a user’s crypto is stolen, transactions are considered nearly impossible to reverse.
A recent report from Chainalysis found $14 billion in criminal crypto transactions in 2021, up from $7.8 billion in 2020. That’s a very small slice of the overall market, which saw $15.8 trillion in crypto transactions last year, Chainalysis researchers pointed out, but it’s still a huge opportunity for hackers.