Bored Ape Yacht Club NFTs Stolen in an Instagram Phishing Attack
Hackers breached the popular non-fungible token (NFT) collection's official Instagram page on Monday, according to Bored Ape Yacht Club (BAYC) developers, and published links to a false airdrop with the project’s followers.
BAYC holders who linked their MetaMask wallets to the scam website had their Ape NFTs stolen. The attempt appears to coincide with the BAYC collection's one-year anniversary, boosting the phishing link's "perceived trustworthiness."
According to unconfirmed reports on social media, the phishing attack resulted in the loss of around 100 NFTs. The floor price of each BAYC NFT, according to OpenSea, is roughly 147 Ether (ETH), or $430,202. If the reports are true, the attack resulted in the loss of more than $40 million in assets. However, because the figures are based on the floor price, they may only represent the lower end of the estimate.
At the time of writing, It is unclear how hackers got access to BAYC's official Instagram account. While some social media users emphasize the necessity of two-factor authentication as a barrier to unwanted log-ins, others argue that such measures are not failsafe and can be broken by a SIM-card swap.
Bored Ape Yacht Club has grown to become one of the most popular NFT collections in the crypto world, with sales exceeding $1 billion in 2021. The supply of NFTs in the collection is set at 10,000. In the last 30 days, more than 38,748 ETH worth of Apes were traded on OpenSea.