Bored Ape Yacht Club Instagram Hacked: $3 Million in NFTs Stolen

By Ava McKinneyOnline Safety

Bored Ape Yacht Club Instagram Hacked, $3 Million in NFTs Stolen

Hackers have compromised the Instagram account and Discord server of the Bored Ape Yacht Club (BAYC) NFT project, stealing NFTs worth approximately $3 million. The attackers spread a fake airdrop advertisement containing a malicious link among followers, which led to the theft.

How the Hack Happened

According to Yuga Labs, the company behind BAYC, the breach was announced on their official Twitter account. They warned users: β€œIt looks like the BAYC Instagram has been hacked. There is no minting happening, do not click links, and do not connect your wallet to anything.”

The hackers used the compromised accounts to promote a fake airdrop, sharing a malicious link that directed users to a phishing site designed to look like the official Bored Ape Yacht Club website. Victims who followed the link and connected their wallets unknowingly gave hackers control over their assets.

Security Measures and Investigation

Yuga Labs stated that two-factor authentication was enabled on the compromised accounts and that overall security measures were β€œtight.” An investigation is ongoing, but it remains unclear how the attackers gained access.

Impact and Losses

According to OpenSea, 24 NFTs from the Bored Apes collection and 30 from Mutant Apes changed hands after the hack. Some NFT holders may have transferred their tokens to others for security reasons. The total value of these 54 NFTs is estimated at around $13.7 million.

Independent researcher Zachxbt shared the hacker’s Ethereum address, which is now flagged as phishing on Etherscan. Reportedly, 134 NFTs were sent to this address within a few hours.

However, Yuga Labs claims the number of victims is much lower. According to the company, the attack resulted in the theft of 4 Bored Apes, 6 Mutant Apes, and 3 BAKC NFTs, with a combined value of about $2.7 million.

Community Reactions

One victim wrote, β€œI just lost over 100 ETH to this. This is unacceptable. [It was] the official Instagram and the site looked real. Now I’m in a position where I’ll have to sue Yuga over this hack. I’m not giving up my $300,000 because their stuff got hacked.”

Other users commented, β€œIt’s like watching a group of people run into a burning building labeled β€˜free money.’”

Instagram is blocked in Russia and belongs to Meta, which is recognized as an extremist organization and banned in the Russian Federation.

Leave a Reply