The BAYC Instagram Breach Results in the Theft of NFTs in Millions

On Monday, the official Instagram profile of Bored Ape Yacht Club (BAYC) was compromised to advertise a false phishing URL intended to defraud owners of millions of dollars in non-fungible tokens (NFTs).

Although OpenSea, the biggest NFT marketplace, has blocked the address suspected of being linked with the hack, blockchain data indicate the questionable address has dealt with LooksRare. 

As per the BAYC, the compromised account promoted a bogus airdrop on Instagram, enticing users to sign a “safeTransferFrom” transaction that moved their funds directly to the wallet of the hacker. 

The estimated worth of the theft fluctuates, however as per the Bored Ape Yacht Club (BAYC) co-founder Garga.eth, four Bored Apes, six Mutant Apes, and three Kennels NFTs were stolen by the hackers.

The on-chain investigator zachxbt claimed that hackers stored the stolen assets using many addresses. NFT Discord and Twitter accounts, along with the official BAYC Discord channel, were compromised to conduct identical BAYC giveaway hoaxes earlier in April.

Including a report from Atlas VPN, NFTs were a major target for hackers in Q1 of 2022, with 20 intrusions and roughly US$49 million in losses.