Another day, another crypto scam. This time, however, the targets were the $5 billion-valued Bored Ape Yacht Club (BAYC) and holders of its NFT apes.
On Monday, the Bored Ape Yacht Club’s official Twitter account announced that the company’s Instagram account was hacked.
“There is no mint going on today,” tweeted the BAYC account. “It looks like BAYC Instagram was hacked. Do not mint anything, click links, or link your wallet to anything.”
However, the warning seems to have come too late. Whoever hacked the BAYC Instagram had quickly used the access to their advantage. The BAYC Instagram shared a link directing Bored Ape investors to a link where they could ostensibly connect their crypto wallet and collect an exclusive freebie for BAYC holders only.
In reality, that link sucked their ape-NFT-holding-wallets dry. According to Web3 Is Going Great creator Molly White, approximately 44 people fell for the scam, resulting in 133 NFTs being stolen from their owners.
Blockchain investigator @zachxbt dug into the wall hacker’s wallet address and found that 4 Bored Apes, 7 Mutant Apes, and 3 Bored Ape Kennel Club NFTs were among the highly-valued NFTs stolen. These stolen NFTs are estimated to be worth around $3 million based on previous aftermarket sales.
It appears that the thief is already selling the stolen non-fungible tokens on the NFT aftermarket as well. According to Molly White, 23 of the stolen NFTs have sold so far for a total of around $2.4 million.
It’s unclear how the BAYC Instagram account was hacked. In a statement provided to Vice, BAYC owner Yuga Labs claimed that two-factor authentication was enabled on the Instagram account, a security measure that should have made unauthorized access to the account extremely difficult.