Bored Ape Yacht Club's Instagram Was Hacked in $2.7 Million USD NFT Phishing Attack
The hacker stole more than 100 NFTs by falsely advertising an “Airdrop” on the account.
Bored Ape Yacht Club (BAYC) on Monday announced that its Instagram account had been hacked, resulting in a phishing attack in which hackers stole roughly $2.7 million USD worth of NFTs, according to CoinDesk.
“There is no mint going on today. It looks like BAYC Instagram was hacked. Do not mint anything, click links, or link your wallet to anything,” the company warned on Twitter.
This morning, the official BAYC Instagram account was hacked. The hacker posted a fraudulent link to a copycat of the BAYC website with a fake Airdrop, where users were prompted to sign a ‘safeTransferFrom’ transaction. This transferred their assets to the scammer’s wallet.
— Bored Ape Yacht Club (@BoredApeYC) April 25, 2022
According to data shared by Vice, the hacker stole 134 NFTs by using BAYC’s Instagram account to falsely advertise an “Airdrop,” in which users were prompted to sign a transfer agreement that shared their assets with the hacker. The scam promised users free tokens in exchange for connecting their MetaMask wallets to the website.
The stolen digital assets included several NFTs from Yuga Labs, including Bored Ape, Mutant Ape and Kennel Club NFTs. Among them, Bored Ape 6623, which is pictured above, was the most expensive token, having recently sold for 123 Ethereum, or approximately $354,500 USD at the current exchange rate, according to Engadget.
“At the time of the hack, two-factor authentication was enabled and security surrounding the IG account followed best practices,” the company wrote. “We’ve regained control of the account, and are investigating how the hacker gained access with IG’s team.”
It is unclear how the hacker was able to compromise BAYC’s Instagram account.
In more NFT news, Bored Ape Yacht Club will cover a limited run of Monkey Shoulder whisky.