The thieving of Bored Apes seemingly never ends, and now the expensive NFTs have been stolen not via OpenSea, as has usually been the case in these instances, but through Instagram.
On Monday, a hacker compromised the BAYC Instagram account and shared a phishing link under the pretense of announcing a fraudulent mint of land for the ‘Otherside’ metaverse. Those who clicked on the malicious link had their NFTs transferred to the hacker’s wallet.
The false announcement asked users to connect their MetaMask wallets in order to claim virtual land.
this is what the link showed for those wondering pic.twitter.com/noG3TCniXQ— jatuur (@jatuur) April 25, 2022
According to NFT scam detective zachxbt, the hacker stole 91 NFTs in total, including four BAYC, seven MAYC, four BAKC, and one CloneX NFTs. The majority of the stolen funds were transferred to the KuCoin crypto exchange platform, with the remainder being sent to Binance.
Instagram and Yuga Labs, the company behind BAYC, are currently investigating the cyberattack. It’s unknown if the victims will be compensated.
At the time of the hack, two-factor authentication was enabled and security surrounding the IG account followed best practices. We’ve regained control of the account, and are investigating how the hacker gained access with IG’s team.— Bored Ape Yacht Club (@BoredApeYC) April 25, 2022
On the Flipside
- The Bored Ape Yacht Club is one of the most successful NFT collections around, with over $1.8 billion in trading volume. Many have criticized the team for not putting enough effort into cybersecurity.