On Monday, the Bored Ape Yacht Club NFT project announced that its Instagram account had been hacked in a tweet.
“There is no mint going on today. It looks like BAYC Instagram was hacked. Do not mint anything, click links, or link your wallet to anything,” the group wrote.
On its official Discord channel, a moderator warned users: “THERE IS A FAKE LAND MINT WEBSITE BEING SHARED BY THE BAYC IG. DO NOT MINT ANYTHING.”
The hackers advertised a fake distribution of NFTs, known as an airdrop in the web3 world, which tricked users into clicking on a malicious link. Once people clicked on it, they gave control of their wallets to the hackers, according to CoinDesk.
In a tweet, independent blockchain sleuth Zachxbt shared a link to the hacker’s Ethereum address, which is currently labeled as being a phishing address on Etherscan. Blockchain records show that the address received 134 NFTs within the space of a few hours on Monday morning. The stolen assets include numerous NFTs from Yuga Labs, the firm behind BAYC, including Bored Ape, Mutant Ape, and Kennel Club NFTs. The value of those NFTs before they were stolen was $2.7 million.
It’s unclear at this point how the hackers compromised the Instagram account.
The hackers’ wallet is flagged as being part of a “phishing scam” on Etherscan.
ZachXBT, an independent investigator who tracks scams and hacks on the blockchain, the hackers stole four Bored Ape Yacht Club NFTs, seven Mutant Ape Yacht Club NFTs, one CloneX NFTs, and several more NFTs.
Yuga Labs, the company that created Bored Ape Yacht Club, did not immediately respond to a request for comment.
Do you have more information this hack? Or other web3 and crypto hacks? We’d love to hear from you. You can contact Lorenzo Franceschi-Bicchierai securely on Signal at +1 917 257 1382, Wickr/Telegram/Wire @lorenzofb, or email email@example.com
Earlier this month, the official Discord channel of Bored Ape Yacht Club, along with several other NFTs Discords were hacked as part of a phishing scam. The hack tricked users into clicking on a link to “mint” a fake NFT by sending ETH and in some cases an NFT to wrap into a token.
In the Discord channel, several people complained about being victims of today’s scam.
“They stole a bunch of shit. I had a rare king mutant and a bunny ear mutant. stuff that would sell above floor. I just lost over 100 ether on this. Fucking unacceptable. From official ig, the website looked real,” one user wrote. “I’m at the point where I have to sue yugo over this hack. Im not walking away from $300k because their shit was hacked.”
Another user wrote in solidarity for the people who lost their precious JPGs: “RIP to the apes that got tricked on IG today.”
Others blamed the victims.
“It’s like watching a bunch of people run into a burning building with free money spray painted on it,” wrote one user.
This post has been read 531 times!